urlscan.io logo urlscan.io
SecurityTrails logo

ufile.io Open in urlscan Pro
2606:4700:3036::ac43:9b51  Public Scan

Go To Rescan Add Verdict Report
URL: https://ufile.io/kfmz9q2y
Submission: On August 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 9 countries across 46 domains to perform 222 HTTP transactions. The main IP is 2606:4700:3036::ac43:9b51, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufile.io. The Cisco Umbrella rank of the primary domain is 249471.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.
This is the only time ufile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:303... 13335 (CLOUDFLAR...)
12 142.250.186.98 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 92.123.36.4 16625 (AKAMAI-AS)
3 185.89.208.11 29990 (ASN-APPNEX)
2 18.197.29.200 16509 (AMAZON-02)
2 213.19.147.43 3356 (LEVEL3)
2 185.64.189.112 62713 (AS-PUBMATIC)
9 185.89.210.122 29990 (ASN-APPNEX)
4 216.52.2.39 32475 (SINGLEHOP...)
12 18.156.195.47 16509 (AMAZON-02)
3 35.158.84.125 16509 (AMAZON-02)
2 34.107.148.139 15169 (GOOGLE)
6 2602:803:c003... 26667 (RUBICONPR...)
1 34.102.146.192 15169 (GOOGLE)
1 34.208.243.53 16509 (AMAZON-02)
1 3.136.53.155 16509 (AMAZON-02)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 23.47.209.72 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
3 178.250.0.157 44788 (ASN-CRITE...)
1 35.244.159.8 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 18.66.112.66 16509 (AMAZON-02)
3 16 13.248.245.213 16509 (AMAZON-02)
1 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
1 4 3.124.17.94 16509 (AMAZON-02)
1 1 2.18.168.23 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 213.19.147.45 26120 (RHYTHMONE)
3 52.223.40.198 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 6 3.67.157.21 16509 (AMAZON-02)
2 92.123.9.160 16625 (AKAMAI-AS)
1 92.123.38.97 16625 (AKAMAI-AS)
2 2.18.168.202 16625 (AKAMAI-AS)
1 67.202.105.23 32748 (STEADFAST)
1 151.101.129.108 54113 (FASTLY)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 6 142.250.185.98 15169 (GOOGLE)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 34.98.67.61 15169 (GOOGLE)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
3 5 52.46.128.147 16509 (AMAZON-02)
1 1 64.202.112.223 22075 (AS-OUTBRAIN)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 3 69.173.144.139 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 67.202.105.32 32748 (STEADFAST)
1 51.89.9.251 16276 (OVH)
1 1 147.75.85.234 54825 (PACKET)
222 65
21    2606:4700:3036::ac43:9b51 (United States)

ASN13335 (CLOUDFLARENET, US)
ufile.io
12    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
4    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
1    92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com
a.teads.tv
3    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
2    18.197.29.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-29-200.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
2    213.19.147.43 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
12    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
3    35.158.84.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-84-125.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
6    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
id.sharedid.org
1    3.136.53.155 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-53-155.us-east-2.compute.amazonaws.com
prod.uidapi.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com
at.teads.tv
4    2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
6    2606:4700::6812:1c5b (United States)

ASN13335 (CLOUDFLARENET, US)
client.crisp.chat
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
10    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    18.66.112.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-66.fra56.r.cloudfront.net
ib.3lift.com
16    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2a02:26f0:f700:4::212:4f18 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sportradarserving.com
4    3.124.17.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-17-94.eu-central-1.compute.amazonaws.com
eu.sportradarserving.com
1    2.18.168.23 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-23.deploy.static.akamaitechnologies.com
hbx.media.net
2    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
6    3.67.157.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com
contextual.media.net
2    2.18.168.202 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-202.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    2a05:d018:d29:3602:ab6e:8189:a819:79f3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.202.112.223 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
Apex Domain
Subdomains		 Transfer
27 googlesyndication.com
6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
147 KB
23 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
ib.3lift.com — Cisco Umbrella Rank: 1109
eb2.3lift.com — Cisco Umbrella Rank: 418
82 KB
21 ufile.io
ufile.io — Cisco Umbrella Rank: 249471
324 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
257 KB
16 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 943
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
3 KB
15 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com — Cisco Umbrella Rank: 582
token.rubiconproject.com — Cisco Umbrella Rank: 711
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
40 KB
13 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1730
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
88 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
217 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1039
x.bidswitch.net — Cisco Umbrella Rank: 292
4 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2790
9 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
1 KB
6 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 20712
143 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
74 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
3 KB
5 sportradarserving.com
creatives.sportradarserving.com — Cisco Umbrella Rank: 63469
eu.sportradarserving.com — Cisco Umbrella Rank: 62547
37 KB
5 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 634
12 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
3 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
hbx.media.net — Cisco Umbrella Rank: 1697
contextual.media.net — Cisco Umbrella Rank: 537
9 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 654
9 KB
4 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1506
sync.1rx.io — Cisco Umbrella Rank: 570
2 KB
4 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
cloudflareinsights.com — Cisco Umbrella Rank: 1106
11 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
793 B
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3064
google-bidout-d.openx.net — Cisco Umbrella Rank: 2947
569 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
847 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4289
sync-eu.connectad.io — Cisco Umbrella Rank: 3142
897 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
87 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
at.teads.tv — Cisco Umbrella Rank: 4119
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
207 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4312
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 592
98 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
301 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
594 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
356 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 458
514 B
1 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2522
104 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
13 KB
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3344
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3504
904 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3290
8 KB
1 33across.com
ssc.33across.com Failed
ssc-cms.33across.com — Cisco Umbrella Rank: 999
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 139
457 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 15164
253 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 21453
143 KB
222 46
Domain Requested by
21 ufile.io ufile.io
17 tpc.googlesyndication.com 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
ufile.io
cdn.ampproject.org
16 eb2.3lift.com 3 redirects ufile.io
ib.3lift.com
cdn.adapex.io
eb2.3lift.com
12 c2shb.pubgw.yahoo.com cdn.adapex.io
12 securepubads.g.doubleclick.net ufile.io
securepubads.g.doubleclick.net
www.googletagservices.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 ib.adnxs.com cdn.adapex.io
eb2.3lift.com
acdn.adnxs.com
8 pagead2.googlesyndication.com ufile.io
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 cm.g.doubleclick.net 3 redirects eb2.3lift.com
6 x.bidswitch.net 5 redirects
6 client.crisp.chat ufile.io
client.crisp.chat
6 fastlane.rubiconproject.com cdn.adapex.io
5 s.amazon-adsystem.com 3 redirects eb2.3lift.com
4 token.rubiconproject.com 4 redirects
4 eu.sportradarserving.com 1 redirects ufile.io
4 ib.3lift.com cdn.adapex.io
ib.3lift.com
ufile.io
4 gum.criteo.com 2 redirects static.criteo.net
4 www.google.com 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
tpc.googlesyndication.com
ufile.io
4 fonts.googleapis.com 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
4 ap.lijit.com cdn.adapex.io
3 pixel.rubiconproject.com 1 redirects
3 match.adsrvr.org eb2.3lift.com
3 fonts.gstatic.com fonts.googleapis.com
3 mug.criteo.com ufile.io
3 www.gstatic.com 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
3 tlx.3lift.com cdn.adapex.io
ufile.io
3 prebid.adnxs.com cdn.adapex.io
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
2 pr-bh.ybp.yahoo.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 ads.pubmatic.com cdn.adapex.io
2 eus.rubiconproject.com cdn.adapex.io
eus.rubiconproject.com
2 ups.analytics.yahoo.com 2 redirects
2 sync.1rx.io 2 redirects
2 cloudflareinsights.com static.cloudflareinsights.com
2 oajs.openx.net 1 redirects ufile.io
2 www.googletagservices.com 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
2 prebid.media.net cdn.adapex.io
2 hbopenbid.pubmatic.com cdn.adapex.io
2 tag.1rx.io cdn.adapex.io
2 grid.bidswitch.net cdn.adapex.io
2 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com ufile.io
www.google-analytics.com
2 static.cloudflareinsights.com ufile.io
1 prebid.a-mo.net 1 redirects
1 onetag-sys.com cdn.adapex.io
1 ic.tynt.com cdn.adapex.io
1 id.rlcdn.com
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 odr.mookie1.com eb2.3lift.com
1 image6.pubmatic.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 acdn.adnxs.com cdn.adapex.io
1 ssc-cms.33across.com cdn.adapex.io
1 contextual.media.net cdn.adapex.io
1 prebid-match.dotomi.com
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io cdn.adapex.io
1 hbx.media.net 1 redirects
1 creatives.sportradarserving.com ufile.io
1 google-bidout-d.openx.net oa.openxcdn.net
1 at.teads.tv a.teads.tv
1 static.criteo.net securepubads.g.doubleclick.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.adapex.io ufile.io
0 ssc.33across.com Failed cdn.adapex.io
222 74

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-10 -
2023-06-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
crisp.chat
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
tracker.ads.sportradar.com
R3		 2022-07-06 -
2022-10-04		 3 months crt.sh
*.sportradarserving.com
Entrust Certification Authority - L1K		 2021-09-29 -
2022-10-15		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-08-03 -
2023-02-03		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh

This page contains 29 frames:

Primary Page: https://ufile.io/kfmz9q2y
Frame ID: F1F2EF80E99173D6CC0E72FC3105EA33
Requests: 106 HTTP requests in this frame

Frame: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661400000
Frame ID: 96E4971965FECD8C0C3F84E07BA4ED17
Requests: 3 HTTP requests in this frame

Frame: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BB62A7429F36B25F05E30F11AFA5CE70
Requests: 1 HTTP requests in this frame

Frame: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4CF2685D2C2277E0020BC4168EA649AD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: CB078485B20732E564B2B93B3E60C46C
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ufile.io
Frame ID: A4D4F200B03DC4978167019287308D41
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 6470594AA2592986A3F8F53B2FDFF5D5
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 56E4C6782F003BF565D702C8FC2BAF21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA8CF2714B2818EE52311AB46EC7A7CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D058EED9D2F895CA270A40FA768CD516
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: 46D4B5F1984DA7DD4F3DFF1CC00E9EC7
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubTOha8u4_RVVm6hEjap-l19JVHcIHaNfsATmGfNBt8kvNGdODT4VowT3k3MvSYdR7no53ypIkHiHe5-4jvdQhpih8Rt0gjC2WNhHpQ3zN-xxdOggTamg1Zy9N_sHYaC540q5QqlAuoHSVCXwZdYzMWGsJQbEzBl5A8QcuPGZEqzX6VMM5NrspUeG-1w7063dWT0B4SnBLjhTS6zFx6vS752vYcEoLufE-D_kIsq1FJ_cwjYJE-cTVW6Lx7HvnTfJiWA8uEL56EiZzq-wXJqcR5_2Efv4fe7CYCurL6EzsM0AxvNhdgyLJBKn7_8jxMsdzIhhCsjs&sai=AMfl-YTLa0zxyKjncCOh39BZkVMzTNvddU--kmUuGKfaZmyyEt-xc44ZJGBfnkkVzLw_gg0Nt9EGUfyMd1oKJ7uKI341EHuuA-bc6BX16MkapgaephBfgu6B9DLUaFhoEuo&sig=Cg0ArKJSzFNgRAQkxQhWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B28FA071017F0D5295C9E83BC5041F91
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: 8127A4868D47912D4B5DE69D7056D464
Requests: 18 HTTP requests in this frame

Frame: data://truncated
Frame ID: D38AB5FACD0F5A5E3FD5596D0835022C
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sportradarserving.com/f6acecb9-6dd3-4c97-9cc7-db90d863683e/728x90.jpg
Frame ID: 7C14EB935D41F8B0EDA0AC3C4C539CC2
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=76925
Frame ID: 23629CCFC07E3E21D21C1C2F0A0FBFFE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr=&consent=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: C0B1678ADEA9E6C5DA09D261A0A6FBD6
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr=&consent=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: AD7B9C253ECFFBFEE8929292A4886AC8
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2A7B67E6E1F3CC4F4D0826C0FB3BEA2B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0907F41C8F86279C819ED2D2968E8D85
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQWX43D&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7B8B872BC0E2D7ADD82BC22B4D3D24DA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803
Frame ID: F883C29071C2B31964E2B3091852A1A6
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408118
Frame ID: 7788AF38E84026AA040280A0C70C113C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bxLpdiLMCr7iodrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 163CCD6AFCE4DB21D722F62D935A6907
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 609061B5DD73E91A394C61FA2FE6F360
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 92E9CE5579AB3268CF6BA811C7D26F0A
Requests: 12 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 85BB1C9FCC928C7665E61953E6E0B7BD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: D67E37556376E8A4A62AC4AA6C74BD7B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: BB377C1BA00925F96167D0386245F71E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Upload files for free - ukrnews.docx - ufile.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

222
Requests

87 %
HTTPS

40 %
IPv6

46
Domains

74
Subdomains

65
IPs

9
Countries

1746 kB
Transfer

4891 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&rid=esp&cc=1
Request Chain 75
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ufile.io&sn=ChromeSyncframe&so=0&topUrl=ufile.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mtf0vXxKTjRSNVppUHpoT1QzaVRoMkJYZ2tpT2hzZksyeEdhdGdHM3UxQlcrbFBjM2F1RTlzeDJ3Wkd2WTZyVVN0YXJhenMrR1ByUDlKQmUrUTdXa25UKzgrejduazJhUkNMclgrQ1ZWNC9Vd3FJVVdqVHZmVkJKN2lCZnozZ0Q0TGx3dXI0MUFtaklQb1ViaUVCOTdZUitWZzBpc1hkbUpHa0dKWmljWXdiVndVczBWdkZKeWtnRmRSeHFRRDF4NVo2TmltdlA3ZmlaaVR6VzNiR25mclZvemhTendpb2JWWnZhT0hhekhXZkJIaHBieURreVdNUVdSODlxUGlNcExFUDNjWkoxNXAwUm9BQzh1WE8vZ25rS3ZLdz09fA&cppv=2
Request Chain 97
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=ufile.io&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=u-NuwnxQZ0pra1NDSzQ3Zm5KeHM2cHk3RHVpRVdlSEplU28zY2VTdmxOdXBYUE9BOU0wRVdJRUdhQmN1TzNGa3o2bSt6UC9QZ3hjV3ZKN1RNMXlBdzNPcTUzMUpURTJ1WGpjOWhhVWFEZEtGOGY0S3ZUS1h6ZENNVkgzK3NYY2JBYi9UeGtVZDRFcVBRRTgxTmNvQzlkL3oxUDQ2SzdlTTJIbTk0RkpXYnUvdmkrcnNyYk45T1VCUlU1SVFQOXdGWWtrQm9OTXpydy9Oc0hOUUI4UXFHRmdsdjFDR29saG1HOGZEZkN4YWFlOEZwWjJUVnZzZXYrZEkwU2hRUXZEWlBVZHp5b1l5MzdTMUl5UGZJUlo3QnczQy9Zdz09fA&cppv=2
Request Chain 149
  • https://eu.sportradarserving.com/content/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0DTB_jIwhYGqYJFJSOUOR23kLxkhpNqbxZbsnksWpmVd8eKU_-Ac6EpYoU9EZjdeS2XDrXz8dGyeG_y68zJV9-2JrzTOl0L5jGzDzR3ta7NBjqkIn67PGlUZbFPNcb3xWCLnmedDbsZxZsd4rj6OjdvmW68cXBfGZysbDNFV66hqD9I1-usDoYlmdLh8h6SfPzIX2qeHGM5QIbhIBolx5tXbWuqRjGGR1nWdXZqTAyfBtnH7u0lF6MudPv_ixq4uvtMc6fTt0B4WkO9On0gGRuBQcKY-gRGZMS1L7BQdiqBJ6Uml0AVeMD7D3y9u0IOqU-8ne-qa_2ryPgSmKzLBXL7NDUXR9D8CM5RHryOgeoNUGaPtCuAafv2GA-_SmfSE2QPP7by8yqnL5FZTZCwn2-1n5KynjKKeg1ycaijkOUqHnOwdzILSfeJmbrF7WSi504HBD-ue5Pt_IkzU-J7BJHjVgo5ZsA99J-U2HVcyfC9vPpiqO2lBaChkDRQjMRjMUmBP-5iFiLBXpETRJSfvGLeDg1TiiX38fQ33k8RkpQx_4vCw00Gx9IK4-rG29O3c3lFjUWiEhqQwxX3aeRP3JlNX4Z3dGMZj62vl4xRIOT-WjOvT4xgE6kUfEVgdNkPCHWfOXUYClx2e6JDBS2K4Cl0/ HTTP 302
  • https://eu.sportradarserving.com/ul_cb/content/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0DTB_jIwhYGqYJFJSOUOR23kLxkhpNqbxZbsnksWpmVd8eKU_-Ac6EpYoU9EZjdeS2XDrXz8dGyeG_y68zJV9-2JrzTOl0L5jGzDzR3ta7NBjqkIn67PGlUZbFPNcb3xWCLnmedDbsZxZsd4rj6OjdvmW68cXBfGZysbDNFV66hqD9I1-usDoYlmdLh8h6SfPzIX2qeHGM5QIbhIBolx5tXbWuqRjGGR1nWdXZqTAyfBtnH7u0lF6MudPv_ixq4uvtMc6fTt0B4WkO9On0gGRuBQcKY-gRGZMS1L7BQdiqBJ6Uml0AVeMD7D3y9u0IOqU-8ne-qa_2ryPgSmKzLBXL7NDUXR9D8CM5RHryOgeoNUGaPtCuAafv2GA-_SmfSE2QPP7by8yqnL5FZTZCwn2-1n5KynjKKeg1ycaijkOUqHnOwdzILSfeJmbrF7WSi504HBD-ue5Pt_IkzU-J7BJHjVgo5ZsA99J-U2HVcyfC9vPpiqO2lBaChkDRQjMRjMUmBP-5iFiLBXpETRJSfvGLeDg1TiiX38fQ33k8RkpQx_4vCw00Gx9IK4-rG29O3c3lFjUWiEhqQwxX3aeRP3JlNX4Z3dGMZj62vl4xRIOT-WjOvT4xgE6kUfEVgdNkPCHWfOXUYClx2e6JDBS2K4Cl0/
Request Chain 161
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
Request Chain 164
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1661400340297 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8231534645
Request Chain 165
  • https://ups.analytics.yahoo.com/ups/58626/occ?gdpr=&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58626/occ?gdpr=&gdpr_consent=&verify=true HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-r6s9Md1E2uFYuaLewsO9SL8oMjkAP_UHoU.as_c-~A
Request Chain 167
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=a0fb30e0-64cc-4d2e-9a43-75761c458542
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&&user_id=us6luurIpLmhmPO7u8q47bic87-hzaS4uspaZ5yI
Request Chain 176
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 179
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzcxODY5MDkwNDE0ODI0MTQ1Mg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSmy09gn_j0owq3mUYfQIU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 181
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzcxODY5MDkwNDE0ODI0MTQ1Mg%3D%3D
Request Chain 183
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1463718690904148241452&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ec3ff4c2-efdf-4dcb-8e8a-396d7d3ea113&ssp=triplelift&gdpr=0&gdpr_consent=
Request Chain 185
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1463718690904148241452?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eJHVYCRE2oTKp433Am.ma7BYz0U7CxhHme6EtIMS_w--~A&dongle=0883
Request Chain 186
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1463718690904148241452 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1463718690904148241452&dcc=t
Request Chain 187
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Request Chain 191
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2JmNThiMmE4M2IwZWI4OGZmZjBhZGJlZGM2NzVhYTNlODIxNGEwMw
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOGAgKZpKMWzybBKGvKHnJs&google_cver=1
Request Chain 193
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ppCjWWjDTDK_Xkmd87yMqg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ppCjWWjDTDK_Xkmd87yMqg
Request Chain 194
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LMLJ9WL-36VquTBlCpTfbMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5464374574504512034
Request Chain 195
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4SVVWNUYtMTAtSE9WNA==
Request Chain 196
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78IUV5F-10-HOV4
Request Chain 204
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=9cfd6f56-ca73-417b-a800-82bb4f46d245&gdpr=&gdpr_consent=&us_privacy=

222 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request kfmz9q2y
ufile.io/ 		83 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24
Resource Hash
75b7ff17c9cc6595a13f87ebfc8d891821d838014499ecb09872ea33df934e61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
740172f7ada9bb5c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 04:05:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BlOFYweAhhYhUQCBmpitIYHhOlq8dnWOVP3jW%2FZA2wI7Pi%2FNcGCjfv2owQpM87qteXTaUMyQ7DVFf7geu5yZTm4ws3DNBfJqs5Y3OZXOqDEDwkQKwrp29nikhpOUYh3WY0QcZcM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.2.24
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
71286761b8e769fe6c527584e1acfb289706ddb93e6c4dd15f3872a5439a66f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28547
x-xss-protection
0
server
sffe
etag
"1313 / 488 of 1000 / last-modified: 1661379059"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 Aug 2022 04:05:24 GMT
aaw.ufile.js
cdn.adapex.io/hb/ 		511 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.ufile.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a07746800cc35eb77e635e3f4e63062f3727e139f1495d479608eba9c626a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42576
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 16:10:06 GMT
server
cloudflare
etag
W/"6304fbde-7fb68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KsunTJ%2BCVTFuG04zay2tG%2B0S1kKkeJ9DMkjbjghOUHYiY0WkFl%2FcG0Yl%2B7WloejQpwDCcy6085Q5mBq0v8FT3%2Bz6aBChf9f1eDZ5eXgXZkw8y5LOJitON2Sy0b512%2FhPZgRoupr2l1nIgQG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
740172fc2f41914a-FRA
expires
Thu, 25 Aug 2022 16:11:04 GMT
roboto-v20-latin-100.woff2
ufile.io/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/fonts/roboto-v20-latin-100.woff2
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ufile.io/kfmz9q2y
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2222456
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15808
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3dc0-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjm4TKLrqSG3u21QAB0%2F1R%2B%2FGbgVMJNhLEyNfYEHFnZxgJXgSPlkfJNUO25NF3g0jGoBR5RbdIhB6mKgWYunrqbC%2BI7K48Bo4%2BUmBVFxYjJzABbVjCmjgcXtayTnzonkR98XDfY%2B"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
740172fb0873bb5c-FRA
25.jpeg
ufile.io/assets/img/backgrounds/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/backgrounds/25.jpeg
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f00982b82b38c4f659d96f342413523d1869eabd2f5faef467127b71d66d162
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21893
cf-polished
status=not_needed
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47257
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"b899-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDAe4V7YYPKc2qZUQMuu5x1Jbkxo09VAp1EOnUGuEKr36WcII8IS3qib0XsBZse8kG%2FxMcEz4rFgAba6YVjYsU4ziOLQEugpQO0EaiL2FlgMMKBcffABh15ybDXhtXX%2FxRnuyBUp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
740172fb2890bb5c-FRA
cf-bgj
imgq:100,h2pri
spacer.png
ufile.io/assets/img/ 		34 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/spacer.png
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
623077
cf-polished
origFmt=png, origSize=152
content-disposition
inline; filename="spacer.webp"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"98-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7lSP4GnXFTni6yJ9dLQpWGecEFm%2BllQTdXMebn1LyYJPjheBmX2Wko6VunxnEsQB840VmaCKhZbnhnUjnaD73r60uFbjqI3gp4yRJNlOYen319B373DToMnncHOCFoIu%2BWBSKNi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
740172fb2893bb5c-FRA
cf-bgj
imgq:100,h2pri
download.js
ufile.io/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/download.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1d26389f36c06c51de5c2e21ff754189bed8f2ab99191c264db8fd3912e9a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2222456
cf-polished
origSize=10696
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"29c8-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adSAiVYXD88ztr1sDtw1aLP2tBerMMN1nEbApKKafZ4zxJM4WnhtN%2BvK4BBRPvnt2X%2B54M41ipGWsdJGGw9cQtcVGR7bGdu6iXAbYFLF0MxVggI%2Bvf%2FDk9tBIQ1OJ%2Bddx%2FQ2pkPg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
740172fb0874bb5c-FRA
cf-bgj
minify
bootstrap.css
ufile.io/assets/css/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/css/bootstrap.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
255117
cf-polished
origSize=41042
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGVi8D92uCDrxqcxCWJHHNR%2BlyZxrXVwUrJfaPYd1ZiKKcWmnbLwM6DCp51DGBYzM%2BIoBsEKbqf5cPc8GlVQphgv5EnenPqtnwR1QzyWaC4VRpdVQfZ%2FHeJQXDE2ZrL17QB5kKaw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=15552000
cf-ray
740172fb0871bb5c-FRA
expires
Wed, 18 Jan 2023 05:00:48 GMT
theme.css
ufile.io/assets/css/ 		86 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/css/theme.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221494
cf-polished
origSize=114399
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1bedf-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6wBgxAWxK49Gm8v0PvjJxE9gzzbFS%2BlgJmrynrcJEYwI%2BDAMBSijcEa%2F59MdYtM%2Brq26EOgrBvTADOF4vvdeXxWzZTcabLp5uzONNln5Oo4njdx%2FnsKpzVI7%2BczuN2V1en2rV3u"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
740172fb0872bb5c-FRA
cf-bgj
minify
utils.css
ufile.io/assets/css/ 		60 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/css/utils.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2221905
cf-polished
origSize=76432
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"12a90-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5iUROw4GYjghpUx%2Fn2Mqlz1U5Y2jp8Bl2sIYyKVxcwg5w%2F7Ej0XXMwUz9Imt31ZyTuOjDsMR7agjAKhE0ZfCFMzGhrLFoPlGnY7HIwPq64JFfekmH0cV%2BVx29nWRPLFb%2F2JAQ26"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
740172fb0875bb5c-FRA
cf-bgj
minify
logo-dark.svg
ufile.io/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/logo-dark.svg
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2223487
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"850-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGbgwW0vwCpAS1pcIYK4PIVF4AgZN9GnsltnqK23%2Bfo6PCLgjjGHvl%2BJ4qIEh0SaE7WjMl2PC4isizLPdQV1ttMbVXWt0Dgs3EoGX%2BitNRBntNP3CkPsj%2Bzn708UqZEUCqrqJpsd"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=2678400
cf-ray
740172fb2898bb5c-FRA
jquery.js
ufile.io/assets/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/jquery.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2224800
cf-polished
origSize=89500
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"15d9c-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dSOa2HUXa3Ig5fz3bvgHVY2fOIvFQJcdtrl4wi28oS6x0Bf7vzthyvvJyXyyc3JIJoFCGyrM68c7cbe5G6GLlts1z61tVjxZhT%2BvVbyWV7q%2Fj8kjWZoEnPuaRqx7WbI17erb4Jd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
740172fb2899bb5c-FRA
cf-bgj
minify
utils.js
ufile.io/assets/js/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/utils.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
256971
cf-polished
origSize=47601
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbAD8Qokhl%2FGcoUxt%2Fvm1JumCcTpIxcwoUja3ihCrmvyxUnDBS99k013tFXaVfUGxsvYJ%2Bo5rc7sumFzRiJFYQTI%2BkkcxZMlL3dbZ0EzCNYiEjVgxqiF70dnygQCpOGYsV0CJ8ik"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-bgj
minify
cache-control
max-age=2678400
cf-ray
740172fb289abb5c-FRA
expires
Sun, 21 Aug 2022 04:34:39 GMT
global.js
ufile.io/assets/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/global.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2224800
cf-polished
origSize=36623
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8f0f-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNw%2FbGSrPJOmRGqJrEqzsb2hMHJwAiEK1Xttjc%2BPDp1iAdjdWZ3LkopBJnEroBUlv7G50cgEcBCI02chpknasZhNfxEf0tlkz%2BbRlz8qtv89fmOh9TEwWFgc1LkEk%2FHImUhYNZpi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
740172fb389cbb5c-FRA
cf-bgj
minify
ab.js
ufile.io/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/js/ab.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2223487
vary
Accept-Encoding
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a13-5e27de0365600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdLPrpuoUO3wjJ5tyMD%2BDrw9uqL6DlPfh6oqi7%2FeJ6L32k4QbMgZdckI%2BoDyJBNgtsfSKCCk6um1Hbm5JVy4c6kYv24UVGn1YxvJalmx7Z3nZplyKuwhdmQtza%2FxAZ4%2FE8GK2x23"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2678400
cf-ray
740172fb389bbb5c-FRA
cf-bgj
minify
beacon.min.js
static.cloudflareinsights.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
740172fb7e08695b-FRA
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://ufile.io/
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
740172fb7e9e9c07-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
date
Thu, 25 Aug 2022 03:02:00 GMT
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 25 Aug 2022 05:02:00 GMT
pubads_impl_2022081802.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d415f82142d578c1440e0f194b5694315a05f0daa2aa8a4ccd1706697bd133c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 21:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133669
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:32:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Aug 2023 21:40:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		158 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
37d926ff1774efcd9da2eb444744d43997376fc9c8ac940785e94f6a13cfc89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
expires
Thu, 25 Aug 2022 04:05:24 GMT
invisible.js
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 96E4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661400000
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04033f4fee88b3246e789c7e722fc4354588eeeea0141941a1b5706a598f46f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNTPzYXX%2FMaf2Cm24lsZUes0L7kcvqX6kvClEvDjW1UoWa53wNbRkwR9tGcO4N%2FrsD3FWXfrTj4NoGiGyNoEoLQWX9hAO977LqHGao8Wtwcb6XR%2BkZNmB2qalKysleSFCUWKocDU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
740172fc09d29978-FRA
vary
Accept-Encoding
fa-solid-900.woff2
ufile.io/assets/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ufile.io/assets/fonts/fa-solid-900.woff2
Requested by
Host: ufile.io
URL: https://ufile.io/assets/css/utils.css?v=1563114509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ufile.io/assets/css/utils.css?v=1563114509
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2291814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75440
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"126b0-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9dlyRx6%2B0RtqEGm1uDbCZ%2Bx%2BI65B7QeRp3hayt9ANZvoL3NDvaVY7OJ3XAYOUc8embt5kGWWnw7PMln9eYSgCGY94E%2BgH%2BSb1WZDfkH7xtv4dIuyarIsFxqLB9%2F4v7viUdckxx5"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
740172fc29ef9978-FRA
collect
www.google-analytics.com/j/ 		4 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=817674924&t=pageview&_s=1&dl=https%3A%2F%2Fufile.io%2Fkfmz9q2y&ul=en-us&de=UTF-8&dt=Upload%20files%20for%20free%20-%20ukrnews.docx%20-%20ufile.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1376452430&gjid=2046503734&cid=726762776.1661400325&tid=UA-73416834-1&_gid=1304824436.1661400325&_r=1&_slc=1&z=129344370
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/plain
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/ Frame 96E4 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed0baf28f8f825d5cef25104dd11326f10796e20df1dff37afc454f1d450c0fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pErB2l06cAkQB3Jix9s17gQ6IDjp7cdh%2B%2Bq7ZO5r2VJpi5RKTP9Fzo0mIFBo9faimL2SJHztIfyvSyuHa73gn5PFdG0QwJy6kOusU7V7piE3nYNynFMY387DSQqH4ygBBtgWi%2FOV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
740172fc7a2e9978-FRA
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
integrator.js
adservice.google.com/adsid/ 		107 B
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
ads
securepubads.g.doubleclick.net/gampad/ 		136 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091290934766007&correlator=1149970393911294&eid=31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=22247219933%2Cufile_Vignette&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=812195063&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661400324623&lmt=1661400324&dlt=1661400324313&idt=273&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=726762776.1661400325&ga_sid=1661400325&ga_hid=817674924&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b82b9af397f1ba3e70a5ba5bf5c313d27fe282be83804527f399b06bf57fc4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40806
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BB62 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 04:05:24 GMT
expires
Fri, 25 Aug 2023 04:05:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022081802.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022081802.js?cb=31069131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
aee6c2e06609d7944ad8ad21dd3b6a8ad2c35bc7605523d59b2f28ade70b22a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 22:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13576
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:32:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Aug 2023 22:46:41 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73416834-1&cid=726762776.1661400325&jid=1376452430&gjid=2046503734&_gid=1304824436.1661400325&_u=IEBAAEAAAAAAAC~&z=335106416
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
pragma
no-cache
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Aug 2022 04:05:24 GMT
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/plain
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cat.hbwrapper.com/ 		15 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ufile.io
Date
Thu, 25 Aug 2022 04:05:24 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		324 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea100ea9febcb57877337f29b107a6f38a258a192bdd9dbbe4a0c7fd344055c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
740172fe2dd0bb97-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
tag.js
a.teads.tv/analytics/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
MY2axGObrvZwSiP12Z8xf0lYd1yv3MC2
content-encoding
br
last-modified
Mon, 22 Aug 2022 09:28:26 GMT
x-amz-request-id
ET5RQK7W63VQF4W6
etag
"b86fb801339e9f7d8ee05180f9a8320b"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Thu, 25 Aug 2022 04:05:24 GMT
accept-ranges
bytes
content-length
4822
x-amz-id-2
wN8vat/meBRKrZJFaxpwYZUU6NvBTioF1RNdEQWCS2RYvqlB25hUk7O4t4O7VjJ6jWGOKaGf7Xs=
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		60 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6422f88674675f6ecf473b4f5d5bf65a3ffa0c06f38e7ba429ba2fc015a62f75

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:25 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.223.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
hbjson
grid.bidswitch.net/ 		24 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.29.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-29-200.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cc3bcd93f2aa5a38ad99ef348aca4a5effb990fa381433fdc1a6a40a87b400a8

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
date
Thu, 25 Aug 2022 04:05:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
mvo
tag.1rx.io/rmp/247939/0/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/247939/0/mvo?z=1r&hbv=7.9,2.1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
pragma
no-cache
date
Thu, 25 Aug 2022 04:05:24 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
date
Thu, 25 Aug 2022 04:05:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fb6107b7c3d0dc7590ce3d479c96690d1761e5be8ee2c1efdd17158aa3fc18b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 25 Aug 2022 04:05:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cc284f29-b4d5-4f0b-b8ca-ad762b9cb1f6
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.9.0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
298f93b12035fe3d354d13647d5f01f0a2881862f78b7416c640cb3a5413a473

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
connection
close
x-sovrn-pod
ad_ap7ams1
access-control-allow-headers
X-Requested-With, Content-Type
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3594c3e4a345deebc7b6609bb2746435cbf0d5243f457669637fdce23ef113dc

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
869ff928dceab913deb137e5aa99b8ceb4e7520e0bb929f73e10d3ca66b785cf

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a9a421c0c844893ec6a4f744d5760cf646bcfe18e72b6030defa5b287e86061d

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
auction
tlx.3lift.com/header/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.9.0&referrer=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tmax=2000
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.84.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-84-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1c86a6c742255619f3d9c1ff17e41ad7edb31824a09314cf17ca695e804b5bbe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
6054
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9c4924ddfab62496f4faa146387c17969d4e916172d2cd7c79e1bf02f87df120

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		410 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323466&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,39e59ad8-f6a3-4a5e-931b-95b68eb084f6,,&eid_pubcid.org=abd327e2-1769-46e6-8015-44cc1cc6f490%5E1&rf=https%3A%2F%2Fufile.io%2Fkfmz9q2y&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_top&tg_i.gpid=%2F22247219933%2Fufile_970x250_top&tk_flint=pbjs_lite_v7.9.0&x_source.tid=aa9539f7-fc2d-4b3c-a971-b71eb18d3784&l_pb_bid_id=8659b5f98f71027&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.5564795199361889
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b3b57d866f71d90938de71e79b8e770f3c0f24808318f702964d7709e6aa9530

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
410
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		423 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323478&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,39e59ad8-f6a3-4a5e-931b-95b68eb084f6,,&eid_pubcid.org=abd327e2-1769-46e6-8015-44cc1cc6f490%5E1&rf=https%3A%2F%2Fufile.io%2Fkfmz9q2y&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_728x90_stickyfooter&tg_i.gpid=%2F22247219933%2Fufile_728x90_stickyfooter&tk_flint=pbjs_lite_v7.9.0&x_source.tid=ea9cb0d5-09fe-4946-888f-e4d69d13d047&l_pb_bid_id=87c17551bfa6efd&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.24197011761181275
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5c6b5acb426c0b28ac1b87101adfcf8f05d07f2fc6bdc42e5a9ac4f2208f42a3

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
423
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		414 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323468&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,39e59ad8-f6a3-4a5e-931b-95b68eb084f6,,&eid_pubcid.org=abd327e2-1769-46e6-8015-44cc1cc6f490%5E1&rf=https%3A%2F%2Fufile.io%2Fkfmz9q2y&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_mid_1&tg_i.gpid=%2F22247219933%2Fufile_970x250_mid_1&tk_flint=pbjs_lite_v7.9.0&x_source.tid=588b4f62-1ebb-4276-922b-b3b1a487b01a&l_pb_bid_id=88c69320bca789b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.7551018534189982
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c8d22a7698bf89ec9cbba462ae6af5f74c67ce3898cdfea86cee1ce4c27f350b

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
414
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Thu, 25 Aug 2022 04:05:25 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Thu, 25 Aug 2022 04:05:25 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Thu, 25 Aug 2022 04:05:25 GMT
server
ATS/9.1.10.25
740172f7ada9bb5c
ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 96E4 		2 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/740172f7ada9bb5c
Requested by
Host: ufile.io
URL: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1661400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgpKsfFrzPeuk3p55d5EOBR2w9QgTO4tcACNNw%2F8ZrUclxVqAndE5x39Ge4BMWm317t6qY6cZOviRg9yJVsEfLF4niS5qeYSKiEwSL4YEG9q6tdhOBEiAIquAsIByqa5krVNHpy1"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
740172fedc359978-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 15:10:10 GMT
content-encoding
gzip
age
996915
x-guploader-uploadid
ADPycdtOeWvsDFPiWsWQ9evx4YNQGTd8nY_VAUfr8nrF_l5_DYpV_n0fBRS6CyfSjINRA5AOcNv0zYTnrujHlQUIkYJQ2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 13 Aug 2023 15:10:10 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
cache-control
public, max-age=86400
last-modified
Thu, 25 Aug 2022 03:28:43 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.53.155 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-53-155.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:46 GMT
server
nginx
etag
W/"62fb454e-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:05:25 GMT
container.html
6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CF2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 04:05:25 GMT
expires
Fri, 25 Aug 2023 04:05:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
file-types.svg
ufile.io/assets/img/icons/ 		29 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/icons/file-types.svg
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2228375
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"74b8-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIphQ6%2Fq3FeA1rKM4RRAPh8DRyRvOZw6wcDbO9LdFBElmBGkdrEowB9vWuVPwzMPrGthOePCtViQpyzKmIFkMJK0cUTlUTZ098oS%2F7sjMg7uUHZ4Uj165q73DSz5%2BA%2Fj7Swxt0zU"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=2678400
cf-ray
740172ff2c609978-FRA
fpc
at.teads.tv/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=4f65ebf&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:25 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 25 Aug 2022 04:05:25 GMT
css2
fonts.googleapis.com/ Frame 4CF2 		4 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 02:21:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 04:05:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 04:05:25 GMT
css
fonts.googleapis.com/ Frame CB07 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 02:15:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 04:05:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 04:05:25 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame CB07 		2 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 01:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 08 Sep 2022 01:28:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame CB07 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 03:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1531
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 08 Sep 2022 03:39:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame CB07 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 08 Sep 2022 04:04:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB07 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 04:05:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame CB07 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 08 Sep 2022 04:02:59 GMT
l
www.google.com/ads/measurement/ Frame CB07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAuecFg1TbWUnvt288M041WYIs8FaiWA6i-zIQMcwr3Et6CxG_AU0g9iDQ0lTF2ZZ_V0WS-ZcNvwwzKwIqAoW0WD2_xg
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame CB07 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 22:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 19:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 22:39:22 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 4CF2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 03:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
5162546928090487746
vary
Accept-Encoding, Origin
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 08 Sep 2022 03:59:02 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4CF2 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 03:13:07 GMT
x-content-type-options
nosniff
age
3138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 25 Aug 2023 03:13:07 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4CF2 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
URL: https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 01:11:37 GMT
x-content-type-options
nosniff
age
10428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 25 Aug 2023 01:11:37 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&rid=esp&cc=1
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
940727e015ad82ea3e9ecc3280c2db3e91806ebe4c69df50deb2e64f411e6ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
via
1.1 google
etag
W/"55-xLVH3+ZrtOcG5cqtMqvkkyvLqDw"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 25 Aug 2022 04:05:25 GMT
via
1.1 google
access-control-allow-origin
https://ufile.io
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame A4D4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ufile.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 04:05:24 GMT
server-processing-duration-in-ticks
2117
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
pagead2.googlesyndication.com/bg/ Frame 6470 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
164340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 06:26:25 GMT
sid
mug.criteo.com/ Frame A4D4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ufile.io&sn=ChromeSyncframe&so=0&topUrl=ufile.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=mtf0vXxKTjRSNVppUHpoT1QzaVRoMkJYZ2tpT2hzZksyeEdhdGdHM3UxQlcrbFBjM2F1RTlzeDJ3Wkd2WTZyVVN0YXJhenMrR1ByUDlKQmUrUTdXa25UKzgrejduazJhUkNMclgrQ1ZWNC9Vd3FJVVdqVHZmVkJKN2lCZn...
441 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mtf0vXxKTjRSNVppUHpoT1QzaVRoMkJYZ2tpT2hzZksyeEdhdGdHM3UxQlcrbFBjM2F1RTlzeDJ3Wkd2WTZyVVN0YXJhenMrR1ByUDlKQmUrUTdXa25UKzgrejduazJhUkNMclgrQ1ZWNC9Vd3FJVVdqVHZmVkJKN2lCZnozZ0Q0TGx3dXI0MUFtaklQb1ViaUVCOTdZUitWZzBpc1hkbUpHa0dKWmljWXdiVndVczBWdkZKeWtnRmRSeHFRRDF4NVo2TmltdlA3ZmlaaVR6VzNiR25mclZvemhTendpb2JWWnZhT0hhekhXZkJIaHBieURreVdNUVdSODlxUGlNcExFUDNjWkoxNXAwUm9BQzh1WE8vZ25rS3ZLdz09fA&cppv=2
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0fb6f3cf7117606a82aa545914c6aaa4c7765f3d1f2c948fb3c2b3769277e54d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4548
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:24 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=mtf0vXxKTjRSNVppUHpoT1QzaVRoMkJYZ2tpT2hzZksyeEdhdGdHM3UxQlcrbFBjM2F1RTlzeDJ3Wkd2WTZyVVN0YXJhenMrR1ByUDlKQmUrUTdXa25UKzgrejduazJhUkNMclgrQ1ZWNC9Vd3FJVVdqVHZmVkJKN2lCZnozZ0Q0TGx3dXI0MUFtaklQb1ViaUVCOTdZUitWZzBpc1hkbUpHa0dKWmljWXdiVndVczBWdkZKeWtnRmRSeHFRRDF4NVo2TmltdlA3ZmlaaVR6VzNiR25mclZvemhTendpb2JWWnZhT0hhekhXZkJIaHBieURreVdNUVdSODlxUGlNcExFUDNjWkoxNXAwUm9BQzh1WE8vZ25rS3ZLdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1736
content-length
541
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 56E4 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 25 Aug 2022 04:05:25 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ufile.io/ajax/analytics/ 		0
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ufile.io/ajax/analytics/
Requested by
Host: ufile.io
URL: https://ufile.io/assets/js/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ufile.io/kfmz9q2y
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 25 Aug 2022 04:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icMGOSZck5ncw%2Fh8j0cecJnTmMwLj1Q3hpGej7xoMiF2vzXD6XJABeB1gPX%2BIX%2FrXJe0XcqphFMZr4RO77iyabt1zILqjy1PoEKmeqocXQ%2BK96A6ScUbzkUdBYCJEAAQ3jfVOCKr"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
740173036f369978-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
l.js
client.crisp.chat/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/l.js
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe3322149369708038a2dec8b5ab605f88f2f9a07291585babc870b3df401da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75155
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Mar 2022 13:16:27 GMT
server
cloudflare
etag
W/"622f402b-1f64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
false
cf-ray
74017303c9979060-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 26 Aug 2022 04:05:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081802&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1cf56dd9a6a38941df16cebf73dafe056265ac13cae02bbf570de6a76076815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11213
x-xss-protection
0
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
rum
cloudflareinsights.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://ufile.io
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
74017303bdc19c07-FRA
vary
Origin
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
86400
cf-ray
740173038d979c07-FRA
content-encoding
gzip
content-type
text/plain
date
Thu, 25 Aug 2022 04:05:25 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 04:05:25 GMT
client.js
client.crisp.chat/static/javascripts/ 		379 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/client.js?b2be41e
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ba33a81c7991dc6f5cf53028a16627e04dfb39f079c06f75e8366a5da29659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75155
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-5ec11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
740173042975995a-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 22 Aug 2032 04:05:25 GMT
client_default.css
client.crisp.chat/static/stylesheets/ 		327 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?b2be41e
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd538094f00a8f620f7f12c0a7ac0fcca74ee7b4388955470cd7f14c4fb602a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75155
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Aug 2022 07:11:53 GMT
server
cloudflare
etag
W/"6305cf39-51a36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
740173042976995a-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 22 Aug 2032 04:05:25 GMT
payment-options.png
ufile.io/assets/img/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/payment-options.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1242488
cf-polished
origFmt=png, origSize=32805
content-disposition
inline; filename="payment-options.webp"
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26398
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"8025-5e27de0365600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3k88VdS5HMVZTHvWZZKQglGn9Go5GA3tePRMLc7Yw7mYrPAPEKhfqxqpWUQ7wHofnMxewgidp249p%2FOXDa6dpbSzcIOj2%2BsdNAvFAu2FCz5C2yobN%2Fuc3qR%2BIg9kxXaD7aLF9RQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
740173042fb79978-FRA
cf-bgj
imgq:100,h2pri
banner.svg
ufile.io/assets/img/ 		17 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ufile.io/assets/img/banner.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50fb9ae1b5262d504366decc64cb6e262be51a9f07bacc82d698e08e4eb9b1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/kfmz9q2y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1572636
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1b1FliDGhcf4NvGpluhIU1V1aOgcGHjPv92sphUPLPwZo7GZVg0rMLfkCsC8tHOdi4N5XjcxpYu4dsJ2lY18oMCealYf72eykj0g2U0xHtJXiqkvN4WVoPeiGj6g51duhiZu7X%2Fr"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=31536000
cf-ray
740173042fb89978-FRA
expires
Thu, 06 Jul 2023 23:09:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA8C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 01:01:57 GMT
expires
Fri, 25 Aug 2023 01:01:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D058 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f02ca71b10a4063641175350bc609bc5bbad4eb3270b558c2e36900e57ec5e68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8mrgw320E4qzd1mOrajjBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-8mrgw320E4qzd1mOrajjBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 04:05:25 GMT
expires
Thu, 25 Aug 2022 04:05:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]},{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame EA8C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 21:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
22578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 21:49:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D058 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081802&jk=4091290934766007&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
/
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/ 		212 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-7-25-4-5
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b2be41e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9b145cac87420c0fe1300b607f36f1250dec5eb8ad4805fbeb3f687aaf7633
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 25 Aug 2022 04:05:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
740173055a7c995a-FRA
access-control-allow-headers
Content-Type, Origin
expires
Thu, 25 Aug 2022 08:05:26 GMT
generate_204
tpc.googlesyndication.com/ Frame EA8C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BIjaww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1643547457112
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b2be41e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61e4d1bcf27943871aaa77e1bcc95c00f5faec80814c984081414acb1c45627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1776
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 25 Aug 2022 03:35:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
74017307acbf995a-FRA
access-control-allow-headers
Content-Type, Origin
expires
Thu, 25 Aug 2022 08:05:26 GMT
en.js
client.crisp.chat/static/javascripts/locales/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?b2be41e
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?b2be41e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886ffb82e1da067712a7eec3fd3fa0a1b8879158d70d5d2d183824cb168434f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
75154
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-182c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
74017307dcee995a-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 22 Aug 2032 04:05:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081802&jk=4091290934766007&bg=!Hh2lHVnNAAYUOm8VNDo7ACkAdvg8WgjdzYYedh6Wk_nysXYnBJVWxiq0TyBkP0lmOP7twBRlwNvNJgIAAABUUgAAAAJoAQeZAuA6TI8yIetY_DX2sv17uZPFcxUfDqXsEhPTk19FEd33qs1hqljGwwDgcJf_BSncYQTjqA1klNPzhFL69z234nsYiaDq4ppUrTpTW_8oG6U_rhYeneQhGXFPR05avck6cvKXzIOgXkAK3aFsjAqBbxwEfWCxAkvhPYyt9MwgKI2Gz0mszkOkg0z9SoAVhgawQJiQqaVly2CmVLi8LPssjZ1rd7dplTenT8hp96oEL_goH91BZxNVPQ1XGX_QPZTtsoHf6_Jr4bzd30ilNOjLCLWc4eXnjCkbMiUcovVNYbQ6Q54F3g7UbB0NBsinPozuzX6cXxyQEG7z50KDPMpaMZwUdpjB9wNhwoqagR5zQ0FMBYBKolsgVIJngr-E58zC3LIPYUcWKSLIrAWOfY0Ou9ZbcB_SjG_BD-PEiZ1GixWYq9an3Ci8nW-WAMOsmSq9RnqX-P-jQy6916cejQ-Tduc6vCjd2kp2szuywk4xF1abdpupqdXK-WRRCnUYusEon3Z7kd4HiVWUu6bIOV5s7cii49JtMaoeZh0CiCkFp7_5E_rIABmO0-sCAP5OEDnTH1-t7Nxb5puVZsNvpKWVchQxE0CbhiHSzbPYy8MUPZy-fMrPb53SY9kocTyfEDtltpC1zfZ5CQTE4RyoOlYGnuV_qXiRsfC2eAKV6wOqeDtft_qmwubwn-9rH51ilMlIJsvw3_YlT1UZcSug4hos1_YNphMT9egg228hHhDj4xVJJiCtaprZeDMR-HKtNSWn2ja1Fyu8LN3G4a-DwvJX05shi0IOSttjKnisKun-nd6heSTApEzDbqukGAVR7aS0bMr3GD4FqIB7g6N4APkvojJ5U9_V_D01BCdXUr8M1yGaTMSKXFnMm6VP_AzI_3tZpTB1mCPWSaOXKlY17HHsa-XhTn7PuS8HUqpEsMkijzzRmg6IZh1eVkAygTxNQF6_8dE3Zg9T-fY8nz_WzvGHmS_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=ufile.io&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 25 Aug 2022 04:05:26 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
2013
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=ufile.io&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=u-NuwnxQZ0pra1NDSzQ3Zm5KeHM2cHk3RHVpRVdlSEplU28zY2VTdmxOdXBYUE9BOU0wRVdJRUdhQmN1TzNGa3o2bSt6UC9QZ3hjV3ZKN1RNMXlBdzNPcTUzMUpURTJ1WGpjOWhhVWFEZEtGOGY0S3ZUS1h6ZENNVkgzK3...
419 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=u-NuwnxQZ0pra1NDSzQ3Zm5KeHM2cHk3RHVpRVdlSEplU28zY2VTdmxOdXBYUE9BOU0wRVdJRUdhQmN1TzNGa3o2bSt6UC9QZ3hjV3ZKN1RNMXlBdzNPcTUzMUpURTJ1WGpjOWhhVWFEZEtGOGY0S3ZUS1h6ZENNVkgzK3NYY2JBYi9UeGtVZDRFcVBRRTgxTmNvQzlkL3oxUDQ2SzdlTTJIbTk0RkpXYnUvdmkrcnNyYk45T1VCUlU1SVFQOXdGWWtrQm9OTXpydy9Oc0hOUUI4UXFHRmdsdjFDR29saG1HOGZEZkN4YWFlOEZwWjJUVnZzZXYrZEkwU2hRUXZEWlBVZHp5b1l5MzdTMUl5UGZJUlo3QnczQy9Zdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5823a59db5f9aa8325acfb5a2bfe01fa2474a3acf88503e132910da8bd35b83e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:26 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3925
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:26 GMT
location
https://mug.criteo.com/sid?cpp=u-NuwnxQZ0pra1NDSzQ3Zm5KeHM2cHk3RHVpRVdlSEplU28zY2VTdmxOdXBYUE9BOU0wRVdJRUdhQmN1TzNGa3o2bSt6UC9QZ3hjV3ZKN1RNMXlBdzNPcTUzMUpURTJ1WGpjOWhhVWFEZEtGOGY0S3ZUS1h6ZENNVkgzK3NYY2JBYi9UeGtVZDRFcVBRRTgxTmNvQzlkL3oxUDQ2SzdlTTJIbTk0RkpXYnUvdmkrcnNyYk45T1VCUlU1SVFQOXdGWWtrQm9OTXpydy9Oc0hOUUI4UXFHRmdsdjFDR29saG1HOGZEZkN4YWFlOEZwWjJUVnZzZXYrZEkwU2hRUXZEWlBVZHp5b1l5MzdTMUl5UGZJUlo3QnczQy9Zdz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1533
content-length
541
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
integrator.js
adservice.google.com/adsid/ 		107 B
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091290934766007&correlator=1149970393911294&eid=31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=2&adks=2934328608&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D9373f3efcb9d2d1%26hb_bidder%3Dappnexus%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D0%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D8%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26wabt%3D33across%26waae%3D2000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s%26wabtr%3D33across&sc=1&cookie=ID%3Dcb1295ced3017111-22b7fc6d04ce00f0%3AT%3D1661400324%3AS%3DALNI_MZCvxyM4AnlCHfpH2eAjeViTHZOhA&abxe=1&dt=1661400326781&lmt=1661400326&dlt=1661400324313&idt=273&adxs=230&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&frm=20&vis=1&psz=1140x90&msz=1140x0&fws=0&ohw=0&ga_vid=726762776.1661400325&ga_sid=1661400325&ga_hid=817674924&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY_Lu0ma0wSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREbG5aemwyZEZSVVpUSmlRMU56TkVWdVJtRXhaejA5SW4wPRidu7SZrTBIABIVCgp1aWRhcGkuY29tGIi6tJmtMEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
90e5f708e17f2634f4e4471d55954d3dc3b9d4c65084f7e0dc76b67982f376f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12892
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091290934766007&correlator=1149970393911294&eid=31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_728x90_stickyfooter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=3228805518&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams3.adnxs-simple.com%26hb_adomain%3Dduelbits.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_size%3D728x90%26hb_pb%3D0.15%26hb_adid%3D994f4161af0e808%26hb_bidder%3Dsovrn%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D0%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D8%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26wabt%3D33across%26waae%3D2000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s%26wabtr%3D33across&sc=1&cookie=ID%3Dcb1295ced3017111-22b7fc6d04ce00f0%3AT%3D1661400324%3AS%3DALNI_MZCvxyM4AnlCHfpH2eAjeViTHZOhA&abxe=1&dt=1661400326785&lmt=1661400326&dlt=1661400324313&idt=273&adxs=0&adys=4408&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&frm=20&vis=1&psz=1600x4408&msz=728x0&fws=128&ohw=0&ga_vid=726762776.1661400325&ga_sid=1661400325&ga_hid=817674924&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY_Lu0ma0wSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREbG5aemwyZEZSVVpUSmlRMU56TkVWdVJtRXhaejA5SW4wPRidu7SZrTBIABIVCgp1aWRhcGkuY29tGIi6tJmtMEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7da81d9acf056acd9ecffd70af2e8f8e3ee2c64de75729bcbb6d619639037fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12943
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091290934766007&correlator=1149970393911294&eid=31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_mid_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=4&adks=2068803453&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams3.adnxs-simple.com%26hb_adomain%3Dduelbits.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_size%3D728x90%26hb_pb%3D0.84%26hb_adid%3D98cc15e8ca20ba%26hb_bidder%3Dtriplelift%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D0%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D8%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26wabt%3D33across%26waae%3D2000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s%26wabtr%3D33across&sc=1&cookie=ID%3Dcb1295ced3017111-22b7fc6d04ce00f0%3AT%3D1661400324%3AS%3DALNI_MZCvxyM4AnlCHfpH2eAjeViTHZOhA&abxe=1&dt=1661400326788&lmt=1661400326&dlt=1661400324313&idt=273&adxs=230&adys=621&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&frm=20&vis=1&psz=1140x90&msz=1140x0&fws=0&ohw=0&ga_vid=726762776.1661400325&ga_sid=1661400325&ga_hid=817674924&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY_Lu0ma0wSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREbG5aemwyZEZSVVpUSmlRMU56TkVWdVJtRXhaejA5SW4wPRidu7SZrTBIABIVCgp1aWRhcGkuY29tGIi6tJmtMEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c3c9b2936561e10d6c2bda0d5130daee1ae437c16c94d17bbfc7e5c0cb75d739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17834
x-xss-protection
0
google-lineitem-id
5879301526
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377431845
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=u-NuwnxQZ0pra1NDSzQ3Zm5KeHM2cHk3RHVpRVdlSEplU28zY2VTdmxOdXBYUE9BOU0wRVdJRUdhQmN1TzNGa3o2bSt6UC9QZ3hjV3ZKN1RNMXlBdzNPcTUzMUpURTJ1WGpjOWhhVWFEZEtGOGY0S3ZUS1h6ZENNVkgzK3NYY2JBYi9UeGtVZDRFcVBRRTgxTmNvQzlkL3oxUDQ2SzdlTTJIbTk0RkpXYnUvdmkrcnNyYk45T1VCUlU1SVFQOXdGWWtrQm9OTXpydy9Oc0hOUUI4UXFHRmdsdjFDR29saG1HOGZEZkN4YWFlOEZwWjJUVnZzZXYrZEkwU2hRUXZEWlBVZHp5b1l5MzdTMUl5UGZJUlo3QnczQy9Zdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 25 Aug 2022 04:05:26 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
999
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 46D4 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 46D4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 46D4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 46D4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 46D4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
css
fonts.googleapis.com/ Frame 46D4 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 03:51:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 04:05:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 04:05:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46D4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 09:48:38 GMT
x-content-type-options
nosniff
age
65809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
server
cafe
etag
14819457070020093239
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 25 Aug 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46D4 		295 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 07:50:56 GMT
x-content-type-options
nosniff
age
72871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 25 Aug 2022 07:50:56 GMT
l
www.google.com/ads/measurement/ Frame 46D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzzhqqwzKuVqnVb_Djf6q4MMbcz0Xv6ZY06mlWRvBQAYgalSYj-47U_96dQVGf9w63Ws6p0TZr7tP_rTh-gEXuDp_LaA
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 46D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrbvmBvUGY_jTM4LO3gOhuZmoA-Xc6YFsv6bVu94Qiv2ghMMBEAEgtejSgAFglYKAgLAHoAGr1bS7AsgBCeACAKgDAcgDCqoE-gFP0F9aZN_w7G2IKk46DN8Jb1Nw_6JNJRTOvcAcZdGJrZUwzGk0iJweX9Sbh8wtDi7pj-dhyqlcqLlQ7K4NjMlBEHnA8qQmDFLWED4wy95vICjrNnItYED4_I6kxTQcX2vF5-e3BR_uEqg4qufNfTnATsEGib5o_wX2venNdyaomn9XJOjp24h-h4xz8rubXIEwNV1YmfH6ALd3HlijxRI95IqUrJP74Y_teCWSc81yFy9n-NMN1KJqdalb0xQ4WpUhVgEpCJwBIYH3BTWJS6nOkcdxNIrv5hcbL3G-pD0FofofYxreTcCNIx2UnpOYebUVXDn0gJKy9J-dwATttKeVtQPgBAGSBQQIBBgBkgUECAUYBKAGLoAHxbSTyQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCy2RrSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi04Nzg3OTIzOTMwNDc4NjE4GKi8eA&sigh=VGQMQzUaYqo&uach_m=[UACH]&template_id=5000
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/3954760717202270972/ Frame 46D4 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3954760717202270972/downsize_200k_v1?w=600&h=314
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
747be7fa209c0b69a12979771c93df821bcf0d112c90479c299e54f433220b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:54:46 GMT
x-content-type-options
nosniff
age
33041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31050
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 17:29:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Aug 2023 18:54:46 GMT
truncated
/ Frame 46D4 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 46D4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 46D4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
242bf97787ccf71d298bc5a19d0bf0e631b666d1eb1fc9bdb01f51255a12a158

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 46D4 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 08:44:44 GMT
x-content-type-options
nosniff
age
69643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 08:44:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B28F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubTOha8u4_RVVm6hEjap-l19JVHcIHaNfsATmGfNBt8kvNGdODT4VowT3k3MvSYdR7no53ypIkHiHe5-4jvdQhpih8Rt0gjC2WNhHpQ3zN-xxdOggTamg1Zy9N_sHYaC540q5QqlAuoHSVCXwZdYzMWGsJQbEzBl5A8QcuPGZEqzX6VMM5NrspUeG-1w7063dWT0B4SnBLjhTS6zFx6vS752vYcEoLufE-D_kIsq1FJ_cwjYJE-cTVW6Lx7HvnTfJiWA8uEL56EiZzq-wXJqcR5_2Efv4fe7CYCurL6EzsM0AxvNhdgyLJBKn7_8jxMsdzIhhCsjs&sai=AMfl-YTLa0zxyKjncCOh39BZkVMzTNvddU--kmUuGKfaZmyyEt-xc44ZJGBfnkkVzLw_gg0Nt9EGUfyMd1oKJ7uKI341EHuuA-bc6BX16MkapgaephBfgu6B9DLUaFhoEuo&sig=Cg0ArKJSzFNgRAQkxQhWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ttj
ib.3lift.com/ Frame B28F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=ufile_970x250_mid_1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-66.fra56.r.cloudfront.net
Software
/
Resource Hash
20809c9da25799d3c322de82bb1d25afb0a14578f6f50a21aedc22114318f25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
etag
"5d386c640306d47e834702c9e52178d60675020c"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
content-encoding
gzip
content-length
2160
x-amz-cf-id
yq18U7tVzABhSAgaka5Hl9WNzZTBXUEAXuGETAAAxeJnnhy9XIIxzw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B28F 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 04:05:27 GMT
notify
tlx.3lift.com/s2s/ Frame B28F 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=0.843&ts=1661400324&aid=45123400797664263220332&ec=7963_149752_29094&n=GokHaHR0cDovL2V1LnNwb3J0cmFkYXJzZXJ2aW5nLmNvbS9ub3RpZnkvV0labjhmQ2hObjRDeDBxV0RvWDVMa21KenVvZ2l2c2xKNDZFTi11TmlpU0dCbjhOV2pPbU0zNmtLcEJaWmgyanhESkViRDNqeVdYU0Y2TExzR0J1dk11Mm5wSGswU194RE1HMzRhakxYMFo5eEZ3RGZtYmJkekFRZGJ4eEsyTzdJcTU5Nm80LV9VakEweWNnYVJCOXJYWklmaHV4bGhtaGtUbEpUSlZPOVFEZVZKbHF1VmNzMDVPY2lBM1JFbVhJZWx2dTBEVEJfakl3aFlHcVlKRkpTT1VPUjIza0x4a2hwTnFieFpic25rc1dwbVZkOGVLVV8tQWM2RXBZb1U5RVpqZGVTMlhEclh6OGRHeWVHX3k2OHpKVjktMkpyelRPbDBMNWpHekR6UjN0YTdOQmpxa0luNjdQR2xVWmJGUE5jYjN4V0NMbm1lZERic1p4WnNkNHJqNk9qZHZtVzY4Y1hCZkdaeXNiRE5GVjY2aHFEOUkxLXVzRG9ZbG1kTGg4aDZTZlB6SVgycWVIR001UUliaElCb2x4NXRYYld1cVJqR0dSMW5XZFhacVRBeWZCdG5IN3UwbEY2TXVkUHZfaXhxNHV2dE1jNmZUdDBCNFdrTzlPbjBnR1J1QlFjS1ktZ1JHWk1TMUw3QlFkaXFCSjZVbWwwQVZlTUQ3RDN5OXUwSU9xVS04bmUtcWFfMnJ5UGdTbUt6TEJYTDdORFVYUjlEOENNNVJIcnlPZ2VvTlVHYVB0Q3VBYWZ2MkdBLV9TbWZTRTJRUFA3Ynk4eXFuTDVGWlRaQ3duMi0xbjVLeW5qS0tlZzF5Y2FpamtPVXFIbk93ZHpJTFNmZUptYnJGN1dTaTUwNEhCRC11ZTVQdF9Ja3pVLUo3QkpIalZnbzVac0E5OUotVTJIVmN5ZkM5dlBwaXFPMmxCYUNoa0RSUWpNUmpNVW1CUC01aUZpTEJYcEVUUkpTZnZHTGVEZzFUaWlYMzhmUTMzazhSa3BReF80dkN3MDBHeDlJSzQtckcyOU8zYzNsRmpVV2lFaHFRd3hYM2FlUlAzSmxOWDRaM2RHTVpqNjJ2bDR4UklPVC1Xak92VDR4Z0U2a1VmRVZnZE5rUENIV2ZPWFVZQ2x4MmU2SkRCUzJLNENsMC8wLjk2OS%2FyAr8BCAASFzQ1MTIzNDAwNzk3NjY0MjYzMjIwMzMyGAAgASibPjD4kQlAAUgAUABgCmgAcOq%2FIpABAJgBAKgBALgBCcABywbIAckH8AEA%2BAHJB4ACywaRAgAAAAAAAPA%2FmQKkcD0K16PAP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Avo4gAPYBYgDWpADAJgDAKADALgDtKEnyAMA0gMFMjkwOTTgA8ryogHpAwAAAAAAAAAA8APJB%2FkDAAAAAAAAAAD4AimIAwCSAwQzb3k3mAMAoAO4jxWoAwA%3D
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.84.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-84-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame B28F 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=45123400797664263220332
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
bundle.js
ib.3lift.com/rev/d4dfc0c2854e9f9372edd516b9dab7e92cb1de3d/dist/ Frame B28F 		166 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/d4dfc0c2854e9f9372edd516b9dab7e92cb1de3d/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=ufile_970x250_mid_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-66.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14617ac5dba86061ae843e682417f7d0abfbfd5ca9ba3c44a9bbedb4d57bb2ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 16:53:31 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 16:44:07 GMT
server
AmazonS3
age
213117
etag
"e75bdc7bc4fc4b4a312c758166c89150"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
53961
x-amz-cf-id
snV4xbeIn129_-81oCqJD_fqufAJdFhioQNH1axVNgud1nfHzIb1mA==
truncated
/ Frame B28F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d912e33c68642d7c00f42ac21211ff5be562d1d8900d46c0a7658b91461d1f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame 8127 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 8127 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 8127 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 8127 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 8127 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
204734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 19:13:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 19:13:13 GMT
css
fonts.googleapis.com/ Frame 8127 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 02:12:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 04:05:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 04:05:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8127 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 09:48:38 GMT
x-content-type-options
nosniff
age
65809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
server
cafe
etag
14819457070020093239
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 25 Aug 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8127 		295 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 07:50:56 GMT
x-content-type-options
nosniff
age
72871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 25 Aug 2022 07:50:56 GMT
l
www.google.com/ads/measurement/ Frame 8127 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYq4cPtkQmEdjHet1H97deHQrPQfF1V9XKcoW2GAQ9dSXAvwXnQ9h-C-kbhbVLcDXaZtt1-Qhk4whMN29nPmSIkfAEFg
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8127 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C78vVB_UGY8b6FZKR3gP62ZSADOH2mcBrguTx7rEQmJL4h7MCEAEgtejSgAFglYKAgLAHoAHq1PzoAsgBCakC7kTHWjO4sD7gAgCoAwHIAwqqBIECT9AD_zrlwsCLN4MaKD-H0sXYBPOKsIBr2wGZkt8cPXj8z8M8kNMDqXmR_nqgmSM15lQU-tvOe3di81G1L8XRdLbR1Q-r-p9EGhVTmC5MSkhKpF0QTZNkQsW2YPNPLFcoZaBuF3-dsuPPL2SbQiWBt5mL41JYxRI6ehHKSIlkutUCa6qyzWgIHOwzNQV3CoTrdC868U1Nk-WiEvoZOJFnPmsRbSjg8PjsWv4uaA5pWSvLtOZT7DhnYOQkkrybxQoNJV3wGj9x5eLpwVt0jkR-8cWEcNApGW-rcTjQFZwdmKoMAmDzOjeHq7E0aAGqP_eDtauhw1VRvnm5q7WuOo2p-xTABPbMq46WBOAEAaAGLoAH_qqDlwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDE3BHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbgT5APYEwOIFAHQFQGAFwGyFx4KHAgAEhRwdWItODc4NzkyMzkzMDQ3ODYxOBiovHg&sigh=DVK5X6fOox4&uach_m=[UACH]&template_id=484
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
6592766407814317453
tpc.googlesyndication.com/simgad/16247526954703455928/ Frame 8127 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16247526954703455928/6592766407814317453
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
945b45d349d909653fd7315892979c584fa2b828d0da8ab486837c48ead7076c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 22:29:06 GMT
x-content-type-options
nosniff
age
452181
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20694
x-xss-protection
0
last-modified
Tue, 03 Nov 2020 13:40:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Aug 2023 22:29:06 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14240473641367938313/ Frame 8127 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14240473641367938313/downsize_200k_v1?w=100&h=100
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dda372d28320c5bd3cb0270f3197ebee314388b9603e1312763407cf7d07ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 00:08:29 GMT
x-content-type-options
nosniff
age
273418
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2272
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 13:57:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Aug 2023 00:08:29 GMT
truncated
/ Frame 8127 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b06a8c56d6c09b9cbc98dd2d31f7d9935aceaabb99ee52f32775c255b105b231

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8127 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
340546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 05:29:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8127 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ufile.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
590616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 08:01:51 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=ufile_970x250_mid_1&aid=45123400797664263220332&rev=d4dfc0c&pr=un&bc=0.969&bmid=7963&biid=7290&sid=149752&brid=565226&adid=29094&crid=2668874&ts=1661400324&bcud=969&ss=41&caid=0&unid=0&domain=ufile.io&ref=https%253A%252F%252Fufile.io%252Fkfmz9q2y&rr=creative&fid=10&rb=0&g=0&cb=88298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame D38A 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame B28F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-66.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 04:15:12 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
604216
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
3125
x-amz-cf-id
ZeS8I3OCVy8qzGgifDFfObjZjUXEkZJrE4DvnEce3vKTQQIqPTgjeg==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame B28F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-66.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 13:30:14 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
520041
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
3518
x-amz-cf-id
QAho886ZX_dJPkH9bjSydkCeeaS6Zu4yfbq8y0DYGKu8jLF3vrYjKg==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=ufile_970x250_mid_1&aid=45123400797664263220332&rev=d4dfc0c&cta_render_method=1&cta_render_text=&cb=54880
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=ufile_970x250_mid_1&aid=45123400797664263220332&rev=d4dfc0c&pr=un&bc=0.969&bmid=7963&biid=7290&sid=149752&brid=565226&adid=29094&crid=2668874&ts=1661400324&bcud=969&ss=41&caid=0&unid=0&domain=ufile.io&ref=https%253A%252F%252Fufile.io%252Fkfmz9q2y&rr=creative&fid=10&rb=0&g=0&cb=83628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
728x90.jpg
creatives.sportradarserving.com/f6acecb9-6dd3-4c97-9cc7-db90d863683e/ Frame 7C14 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sportradarserving.com/f6acecb9-6dd3-4c97-9cc7-db90d863683e/728x90.jpg
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f18 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e3ece30df70d3d1a28c0eedfb36f7bbdbf46340b97020205af97e3abe258d3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:28 GMT
last-modified
Mon, 18 Oct 2021 10:16:32 GMT
server
AkamaiNetStorage
etag
"83dcd515b19209fdc4a8228d7269b1d2:1634552192.700243"
content-type
image/jpeg
cache-control
max-age=600
accept-ranges
bytes
content-length
34627
expires
Thu, 25 Aug 2022 04:15:28 GMT
WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0...
eu.sportradarserving.com/mimp/ Frame 7C14 		43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/mimp/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0DTB_jIwhYGqYJFJSOUOR23kLxkhpNqbxZbsnksWpmVd8eKU_-Ac6EpYoU9EZjdeS2XDrXz8dGyeG_y68zJV9-2JrzTOl0L5jGzDzR3ta7NBjqkIn67PGlUZbFPNcb3xWCLnmedDbsZxZsd4rj6OjdvmW68cXBfGZysbDNFV66hqD9I1-usDoYlmdLh8h6SfPzIX2qeHGM5QIbhIBolx5tXbWuqRjGGR1nWdXZqTAyfBtnH7u0lF6MudPv_ixq4uvtMc6fTt0B4WkO9On0gGRuBQcKY-gRGZMS1L7BQdiqBJ6Uml0AVeMD7D3y9u0IOqU-8ne-qa_2ryPgSmKzLBXL7NDUXR9D8CM5RHryOgeoNUGaPtCuAafv2GA-_SmfSE2QPP7by8yqnL5FZTZCwn2-1n5KynjKKeg1ycaijkOUqHnOwdzILSfeJmbrF7WSi504HBD-ue5Pt_IkzU-J7BJHjVgo5ZsA99J-U2HVcyfC9vPpiqO2lBaChkDRQjMRjMUmBP-5iFiLBXpETRJSfvGLeDg1TiiX38fQ33k8RkpQx_4vCw00Gx9IK4-rG29O3c3lFjUWiEhqQwxX3aeRP3JlNX4Z3dGMZj62vl4xRIOT-WjOvT4xgE6kUfEVgdNkPCHWfOXUYClx2e6JDBS2K4Cl0
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.17.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-17-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:05:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
eu.sportradarserving.com/ul_cb/content/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlh... Frame 7C14
Redirect Chain
  • https://eu.sportradarserving.com/content/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhux...
  • https://eu.sportradarserving.com/ul_cb/content/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rX...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/ul_cb/content/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0DTB_jIwhYGqYJFJSOUOR23kLxkhpNqbxZbsnksWpmVd8eKU_-Ac6EpYoU9EZjdeS2XDrXz8dGyeG_y68zJV9-2JrzTOl0L5jGzDzR3ta7NBjqkIn67PGlUZbFPNcb3xWCLnmedDbsZxZsd4rj6OjdvmW68cXBfGZysbDNFV66hqD9I1-usDoYlmdLh8h6SfPzIX2qeHGM5QIbhIBolx5tXbWuqRjGGR1nWdXZqTAyfBtnH7u0lF6MudPv_ixq4uvtMc6fTt0B4WkO9On0gGRuBQcKY-gRGZMS1L7BQdiqBJ6Uml0AVeMD7D3y9u0IOqU-8ne-qa_2ryPgSmKzLBXL7NDUXR9D8CM5RHryOgeoNUGaPtCuAafv2GA-_SmfSE2QPP7by8yqnL5FZTZCwn2-1n5KynjKKeg1ycaijkOUqHnOwdzILSfeJmbrF7WSi504HBD-ue5Pt_IkzU-J7BJHjVgo5ZsA99J-U2HVcyfC9vPpiqO2lBaChkDRQjMRjMUmBP-5iFiLBXpETRJSfvGLeDg1TiiX38fQ33k8RkpQx_4vCw00Gx9IK4-rG29O3c3lFjUWiEhqQwxX3aeRP3JlNX4Z3dGMZj62vl4xRIOT-WjOvT4xgE6kUfEVgdNkPCHWfOXUYClx2e6JDBS2K4Cl0/
Requested by
Host: ufile.io
URL: https://ufile.io/kfmz9q2y
Protocol
HTTP/1.1
Server
3.124.17.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-17-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

Location
https://eu.sportradarserving.com/ul_cb/content/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0DTB_jIwhYGqYJFJSOUOR23kLxkhpNqbxZbsnksWpmVd8eKU_-Ac6EpYoU9EZjdeS2XDrXz8dGyeG_y68zJV9-2JrzTOl0L5jGzDzR3ta7NBjqkIn67PGlUZbFPNcb3xWCLnmedDbsZxZsd4rj6OjdvmW68cXBfGZysbDNFV66hqD9I1-usDoYlmdLh8h6SfPzIX2qeHGM5QIbhIBolx5tXbWuqRjGGR1nWdXZqTAyfBtnH7u0lF6MudPv_ixq4uvtMc6fTt0B4WkO9On0gGRuBQcKY-gRGZMS1L7BQdiqBJ6Uml0AVeMD7D3y9u0IOqU-8ne-qa_2ryPgSmKzLBXL7NDUXR9D8CM5RHryOgeoNUGaPtCuAafv2GA-_SmfSE2QPP7by8yqnL5FZTZCwn2-1n5KynjKKeg1ycaijkOUqHnOwdzILSfeJmbrF7WSi504HBD-ue5Pt_IkzU-J7BJHjVgo5ZsA99J-U2HVcyfC9vPpiqO2lBaChkDRQjMRjMUmBP-5iFiLBXpETRJSfvGLeDg1TiiX38fQ33k8RkpQx_4vCw00Gx9IK4-rG29O3c3lFjUWiEhqQwxX3aeRP3JlNX4Z3dGMZj62vl4xRIOT-WjOvT4xgE6kUfEVgdNkPCHWfOXUYClx2e6JDBS2K4Cl0/
Date
Thu, 25 Aug 2022 04:05:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
eb2.3lift.com/ Frame 2362 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=76925
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/d4dfc0c2854e9f9372edd516b9dab7e92cb1de3d/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 25 Aug 2022 04:05:28 GMT
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=ufile_970x250_mid_1&aid=45123400797664263220332&rev=d4dfc0c&pr=0.843&bc=0.969&bmid=7963&biid=7290&sid=149752&brid=565226&adid=29094&crid=2668874&ts=1661400324&bcud=969&ss=41&caid=0&unid=0&cepos=0&ceid=0&cb=38157
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8127 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 09:48:38 GMT
x-content-type-options
nosniff
age
65810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
server
cafe
etag
14819457070020093239
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 25 Aug 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8127 		295 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 07:50:56 GMT
x-content-type-options
nosniff
age
72872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Thu, 25 Aug 2022 07:50:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B28F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYebxDFQINwpWuzjVLohqq4lx6YkT3C3onOeUlYNw5tl2DDyvfvECxPg8nbTA7ruzf7ol7S3XYmSpjQ--yHCeMFYqiTYzTNm1vQWIZNTMRFsnwgpsubm1KenxrTT9rsmSpKhyU0sD3M3CMxhoLaTTQPKRBZrGbwAGpe2r57NR70fNZVZBXOcR49iWWTY5NRPgAFfZtSSXv_Cv_fJPhPHEpOgZgv7CFxoRN23BmTCJ3-tB8W7aN0iC5VhmLO8mFHcgDeHFxwfnAPgTGtqa03VRIfARNiFAmEYkFl_WzSfAJzwwtcN714pkMIFTRLJTdABaOrlLwU4z4Ww&sai=AMfl-YQXA2n5adG9rEaDxKkqxyLuSNHV4sqbUgtwfLyxzoHI51ZDaLLpVwQkUFYArErvsoCOf1kltXb8nJAsWWgC1p-rQq8aRQGKy8l4Cp90VMFKTwPUq2riAUU94U5nVH0&sig=Cg0ArKJSzDv9PTLYjsJaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 25 Aug 2022 04:05:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 46D4 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsXHAw2MtMXwcR7h5te4VCjUuryp-Q-G7-HZpvTRZvg8_8wvEA1M-xrxPTiscZUF2-ar8DeudvN_V01RDiR_qWBziw_maoq9-C-CQCH83hBvR8JmsKvhERMX89rjuY8WKGa7DLLBGJFSxR&sai=AMfl-YS0s4NFb98XYyCqHsH3bLgIhI3KbLToJGBJkvKkEe32P0FfqnWDu7f1Ve1cGKymEZAd1fYdPOv4ywdC5eJUGddcxTGx5h6hzi8UgN8LDzgSue0NUyZmIoSpud_E&sig=Cg0ArKJSzPaNKgshdXKwEAE&cid=CAASF-RonN_dQpLGZ8DNCeDYEBerCXfDKTVV&id=ampim&o=315,220&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=203&tls=1204&g=100&h=100&tt=1204&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
pragma
no-cache
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=ufile_970x250_mid_1&aid=45123400797664263220332&rev=d4dfc0c&pr=0.843&bc=0.969&bmid=7963&biid=7290&sid=149752&brid=565226&adid=29094&crid=2668874&ts=1661400324&bcud=969&ss=41&caid=0&unid=0&cepos=0&ceid=0&cb=54758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0...
eu.sportradarserving.com/vimp/ Frame 7C14 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/vimp/WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0DTB_jIwhYGqYJFJSOUOR23kLxkhpNqbxZbsnksWpmVd8eKU_-Ac6EpYoU9EZjdeS2XDrXz8dGyeG_y68zJV9-2JrzTOl0L5jGzDzR3ta7NBjqkIn67PGlUZbFPNcb3xWCLnmedDbsZxZsd4rj6OjdvmW68cXBfGZysbDNFV66hqD9I1-usDoYlmdLh8h6SfPzIX2qeHGM5QIbhIBolx5tXbWuqRjGGR1nWdXZqTAyfBtnH7u0lF6MudPv_ixq4uvtMc6fTt0B4WkO9On0gGRuBQcKY-gRGZMS1L7BQdiqBJ6Uml0AVeMD7D3y9u0IOqU-8ne-qa_2ryPgSmKzLBXL7NDUXR9D8CM5RHryOgeoNUGaPtCuAafv2GA-_SmfSE2QPP7by8yqnL5FZTZCwn2-1n5KynjKKeg1ycaijkOUqHnOwdzILSfeJmbrF7WSi504HBD-ue5Pt_IkzU-J7BJHjVgo5ZsA99J-U2HVcyfC9vPpiqO2lBaChkDRQjMRjMUmBP-5iFiLBXpETRJSfvGLeDg1TiiX38fQ33k8RkpQx_4vCw00Gx9IK4-rG29O3c3lFjUWiEhqQwxX3aeRP3JlNX4Z3dGMZj62vl4xRIOT-WjOvT4xgE6kUfEVgdNkPCHWfOXUYClx2e6JDBS2K4Cl0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.17.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-17-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:05:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 8127 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHJDNziAkEqVF4_G5PALA3geEOO74BASK6rpcwy0cLkMvRGLFecgyvW0Jkqb1tU3e8xGqP3v6v3UTSG8xmzgEu0ukgXJuYG3-cUoL19QDksXioUAjr-mPBjmHfNpErATrD6vCp3mbWls9ZpLT7kCkfLX7iM0eLR43Ah41yzOYv5LAUMkfS17Lf-IJA7-tTRHkrErQURE1sBhxEqQl2-AH-JsZXAs8vZMg3T1ukFzWtopDPN1fHQsJUWRSANxKjjmPowzH2CDNO2t_aXZnBL69sWFlNvyaYKAEpV6ifBUrR8Po1drDeyxeCsLNpRqaMYCQx7RMzk_mxk-_litla9Ts41yL1YT22Q1GyoS2f3lJyxgkc9WnBezuYUAHEwg3AVEbKRV8VisEcwa8ZT38uyBaPb9gtBhizC_t13xrKPJuEmR9OBQ96_0mjGmI-wWOiDj7GXAtPidNUKsL3YWEvhnGailUQ0--EsyeJO_MT09UahgATZy62GvLhqDjnQT9OlubCWY_v0QygYD2QN7-l6s_FiWvUID96ViLdF7_NL781d_FGgwWiC21X3JtqaLfgd2u_DxSC0LedhrfSm1R0W5qr1GEtRYAVokczMrlDxzElbOpeONbf1dgxKqVpmtl-oy232RZUXExGrSH00yOsL6fD7UP6ZItnab26rDMS8k_PNtu8tb7cIEjpTWr4asY-WlpIC_1Nl_oBjX1lrE8CN1yj5Te-xX-uuHMt5eeyZ5FtYW8clXHRrSr3lwZOzF5JVup29Xa9ybDGMWoeIhQ33NwhTuplTMWAzqvmFrzRhqBvtt-5dLeiC-9QC6yMFO5MryOpY9ajnCVrHXkFcZO_d5EEZ5QP6cq_rJRPJxSy8dScH6FvcFrLnLykWbPTERseQVee6G3_yfv4xHK0h-jR2uhqH7-AUhditk-GtSafp5F-PbANzHaBhdV5B1FhhfyCHI4x-SWFBn8qk67q7l3MGxajARi_rTY3P49Ko825pg61Pz54Da9EtN_dyQ30Fz2qkqmFIKT-GNM9BaEsNkZIegx262ZSwF1kwo9Wslf6pDD_uKaXJbwSKnyt&sai=AMfl-YRXXcWXGRAvXy54yphyCgT7TCpyz5a9if6hWFWdYbIoHCUPYCgG6dZLI5qEqY8LgWbfnMu0HRdLL2K-gAAfDXsD6iod3YYNDBAuqzQAYSNi6V4-wTyPUq5gr5SLjf2y_7nGOQJjRPxmeg&sig=Cg0ArKJSzL6zG7eSAxyLEAE&cid=CAASF-Ro8M8FJZv617Xx9Q5G1Tops5MkDRFZ&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=382&tls=1382&g=100&h=100&tt=1382&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
pragma
no-cache
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B28F 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu26ySwfO-m8hCMzc1mZUxKGKyU8MvIFrVclxEnU7-4YuQaijaqTpyB8boqqUuRmH9pCAQtILOjCFuDeONsuNrYDEmaDtBLXanOy3de-8-82yOAaMql&sig=Cg0ArKJSzF2F0ssSlFjjEAE&id=lidar2&mcvt=1000&p=781,436,871,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2068803453&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661400327382&rpt=952&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
pragma
no-cache
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_sync
prebid.adnxs.com/pbs/v1/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f251987dc3737b35cc0fcbd0981bc839f7b42b419ef67c91d7fc563cf983ead1

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:39 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3...
  • https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:40 GMT
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
151c3c24-eb25-4fc9-922f-878c7992585b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 25 Aug 2022 04:05:39 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Thu, 25 Aug 2022 04:05:39 GMT
connectmyusers.php
cdn.connectad.io/ Frame C0B1 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr=&consent=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7401735da9db9158-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 04:05:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
1
sync-eu.connectad.io/syncer/ Frame AD7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr=&consent=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr=&consent=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7401735e1a149158-FRA
date
Thu, 25 Aug 2022 04:05:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1661400340297
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8231534645
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8231534645
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:40 GMT
etag
RXb5c0d413b9364347b16617dd50594372003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8231534645
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58626/occ?gdpr=&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58626/occ?gdpr=&gdpr_consent=&verify=true
  • https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-r6s9Md1E2uFYuaLewsO9SL8oMjkAP_UHoU.as_c-~A
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-r6s9Md1E2uFYuaLewsO9SL8oMjkAP_UHoU.as_c-~A
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:41 GMT
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c9bdf11f-1db7-4a45-98ad-262f296f600d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-r6s9Md1E2uFYuaLewsO9SL8oMjkAP_UHoU.as_c-~A
date
Thu, 25 Aug 2022 04:05:41 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
prebid-match.dotomi.com/match/bounce/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=a0fb30e0-64cc-4d2e-9a43-75761c458542
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=a0fb30e0-64cc-4d2e-9a43-75761c458542
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:41 GMT
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ec4244b-21af-4eb5-b632-a5a9f7da8286
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Location
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&uid=a0fb30e0-64cc-4d2e-9a43-75761c458542
Date
Thu, 25 Aug 2022 04:05:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
eb2.3lift.com/ Frame 2A7B 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 25 Aug 2022 04:05:41 GMT
usync.html
eus.rubiconproject.com/ Frame 0907 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 04:05:41 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7B8B 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQWX43D&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-38-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
73ccbf7b2c5411a9fb2aa4ab3bc561789798f34ce78bfd7478337df12d9d97aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7826
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 04:05:41 GMT
expires
Sat, 27 Aug 2022 04:05:41 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F883 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 04:05:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 03:59:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 7788 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13408118
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date
Thu, 25 Aug 2022 04:05:41 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
x-sovrn-pod
ad_ap7ams1
/
ssc-cms.33across.com/ps/ Frame 163C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bxLpdiLMCr7iodrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 25 Aug 2022 04:05:42 GMT
server
33XP002
x-33x-status
2000208
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6090 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83846
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 25 Aug 2022 04:05:42 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 974618
X-Served-By
cache-lga21935-LGA, cache-hhn4077-HHN
X-Timer
S1661400342.030595,VS0,VE0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&&user_id=us6luurIpLmhmPO7u8q47bic87-hzaS4uspaZ5yI
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&&user_id=us6luurIpLmhmPO7u8q47bic87-hzaS4uspaZ5yI
Protocol
HTTP/1.1
Server
3.67.157.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:05:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&&user_id=us6luurIpLmhmPO7u8q47bic87-hzaS4uspaZ5yI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
eb2.3lift.com/ Frame 92E9
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
b9573d69a33ef46db38f706b77f91801ec31351735c9299292d53811c273f6ee

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
486
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 04:05:41 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 25 Aug 2022 04:05:41 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
PugMaster
image6.pubmatic.com/AdServer/ Frame F883 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31765956&p=148803&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:41 GMT
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 92E9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame 92E9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzcxODY5MDkwNDE0ODI0MTQ1Mg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 92E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSmy09gn_j0owq3mUYfQIU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSmy09gn_j0owq3mUYfQIU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSmy09gn_j0owq3mUYfQIU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92E9
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzcxODY5MDkwNDE0ODI0MTQ1Mg%3D%3D
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzcxODY5MDkwNDE0ODI0MTQ1Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzcxODY5MDkwNDE0ODI0MTQ1Mg%3D%3D
date
Thu, 25 Aug 2022 04:05:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 92E9 		0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1463718690904148241452&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:41 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 19626914CC1640DFB4A1AABCA4D7787C Ref B: FRAEDGE1406 Ref C: 2022-08-25T04:05:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXnCOk5IMFFVN9wmd2FKw==
sync
odr.mookie1.com/t/v2/ Frame 92E9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1463718690904148241452&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ec3ff4c2-efdf-4dcb-8e8a-396d7d3ea113&ssp=triplelift&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ec3ff4c2-efdf-4dcb-8e8a-396d7d3ea113&ssp=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ec3ff4c2-efdf-4dcb-8e8a-396d7d3ea113&ssp=triplelift&gdpr=0&gdpr_consent=
Date
Thu, 25 Aug 2022 04:05:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 92E9 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1463718690904148241452&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
etag
"de363c295b2d81:0"
last-modified
Wed, 17 Aug 2022 23:56:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9BCB9C5C73CD4F3B8AC62A0EE0ADC014 Ref B: FRAEDGE1116 Ref C: 2022-08-25T04:05:42Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 92E9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1463718690904148241452?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eJHVYCRE2oTKp433Am.ma7BYz0U7CxhHme6EtIMS_w--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eJHVYCRE2oTKp433Am.ma7BYz0U7CxhHme6EtIMS_w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Thu, 25 Aug 2022 04:05:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eJHVYCRE2oTKp433Am.ma7BYz0U7CxhHme6EtIMS_w--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 92E9
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1463718690904148241452
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1463718690904148241452&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1463718690904148241452&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AS0AAC5DHFF5MSAJM56K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1463718690904148241452&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 92E9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 92E9 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=b&uid=1463718690904148241452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:42 GMT
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1ef60ea8-7291-4bb1-82eb-af79569c8fa2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0907 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 04:05:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10400
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Thu, 25 Aug 2022 06:59:02 GMT
async_usersync
ib.adnxs.com/ Frame 6090 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:42 GMT
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ecd4886f-248e-4bc0-8b01-c4daae4fa2d2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2JmNThiMmE4M2IwZWI4OGZmZjBhZGJlZGM2NzVhYTNlODIxNGEwMw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2JmNThiMmE4M2IwZWI4OGZmZjBhZGJlZGM2NzVhYTNlODIxNGEwMw
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2JmNThiMmE4M2IwZWI4OGZmZjBhZGJlZGM2NzVhYTNlODIxNGEwMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0907
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOGAgKZpKMWzybBKGvKHnJs&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOGAgKZpKMWzybBKGvKHnJs&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOGAgKZpKMWzybBKGvKHnJs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 0907
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ppCjWWjDTDK_Xkmd87yMqg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ppCjWWjDTDK_Xkmd87yMqg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ppCjWWjDTDK_Xkmd87yMqg
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T1BDBYR669X8R7E00R24
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ppCjWWjDTDK_Xkmd87yMqg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LMLJ9WL-36VquTBlCpTfbMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5464374574504512034
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5464374574504512034
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Thu, 25 Aug 2022 04:05:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5464374574504512034
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 0907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4SVVWNUYtMTAtSE9WNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4SVVWNUYtMTAtSE9WNA==
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4SVVWNUYtMTAtSE9WNA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78IUV5F-10-HOV4
0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78IUV5F-10-HOV4
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:41 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 26650C883123480AAD67E209DEAF2497 Ref B: FRAEDGE1406 Ref C: 2022-08-25T04:05:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXnCOk7aNY6G9AVgrA0Gg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L78IUV5F-10-HOV4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 0907 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:05:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 0907 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 04:05:42 GMT
access-control-allow-credentials
true
x-sovrn-pod
ad_ap7ams1
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
d
ic.tynt.com/r/ Frame 85BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Thu, 25 Aug 2022 04:05:43 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
async_usersync
ib.adnxs.com/ Frame 6090 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:43 GMT
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
11eb63e7-cee9-4c3f-9cf8-e707a4a00011
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame D67E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB37 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.168.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-168-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=85997
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 04:05:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 03:59:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26uid%3D
  • https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=9cfd6f56-ca73-417b-a800-82bb4f46d245&gdpr=&gdpr_consent=&us_privacy=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=9cfd6f56-ca73-417b-a800-82bb4f46d245&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:44 GMT
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ec0f88fb-6c02-4f91-8739-bedc06d8980b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=9cfd6f56-ca73-417b-a800-82bb4f46d245&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 25 Aug 2022 04:05:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Thu, 25 Aug 2022 04:05:55 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Thu, 25 Aug 2022 04:05:55 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
600
age
0
content-length
0
date
Thu, 25 Aug 2022 04:05:55 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ebbb71679d17827ba212ccf0ea153b33b83ca88b36bddda64379b6836171e20c

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:55 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.223.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
bid
ap.lijit.com/rtb/ 		95 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.9.0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9256d0342570090228214038c26e2ebd5417eae514297f8c115689a149c27279

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Aug 2022 04:05:55 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
x-sovrn-pod
ad_ap7ams1
access-control-allow-headers
X-Requested-With, Content-Type
content-length
97
mvo
tag.1rx.io/rmp/247939/0/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/247939/0/mvo?z=1r&hbv=7.9,2.1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
pragma
no-cache
date
Thu, 25 Aug 2022 04:05:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		48 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4ba585b53a39b86f3856672f46f7724a7948f42460caf18f21ccabe149e28ccd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 25 Aug 2022 04:05:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0677462d-04d1-4bc4-bf85-06086c875d6c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		25 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.29.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-29-200.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ac2f415b614d254416ec84688840f7ac0f761ca2df532e3c8968c5eb708b5e42

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
date
Thu, 25 Aug 2022 04:05:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ufile.io
date
Thu, 25 Aug 2022 04:05:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		338 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e53d2e91b90c52f895e3bca8f75fdb2618afe2a32dfd0f734fa8c86af9eeb15

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:55 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
96a8282408bdce5faf2299e22084eb6bae3b6566c7197e20af9011ad5bce9eea

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:55 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3ff820c16aee2a6c8201d0431dc09fca28488c71c1337477d79d99696bfa5662

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:55 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b6e2d2a22a4bba569707b38ba4509981a53413a0c80b3ea289031a3cb9d3144f

Request headers

Referer
https://ufile.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 04:05:55 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ufile.io
access-control-allow-credentials
true
content-length
66
auction
tlx.3lift.com/header/ 		23 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.9.0&referrer=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tmax=2000
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.84.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-84-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
62b96a9bed2539099b762187cdefded8b4241b72facbe1a2356ba845e7dddbd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 04:05:55 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8140
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323466&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,d3e728f3-bf40-45bd-8aab-315ceb2531c9,,&eid_criteo.com=HCW3F19CJTJGT013T2FuMHh5TmRlSnJHSlRaclJTRE5vNkdaVyUyQmp0JTJCWlAydmRldlNMZUdwOUM0Mk5nZlBpSlR3QjFidWJLWU84MERqa3pRT2hiNm5yb0Rjc254JTJCaVFNN0VwbjJuQWlDbWZXdzVnVm5ZJTNE%5E1&eid_pubcid.org=abd327e2-1769-46e6-8015-44cc1cc6f490%5E1&rf=https%3A%2F%2Fufile.io%2Fkfmz9q2y&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_top&tg_i.gpid=%2F22247219933%2Fufile_970x250_top&tk_flint=pbjs_lite_v7.9.0&x_source.tid=541be32d-332e-46c3-9f17-e8eef9785db5&l_pb_bid_id=191c9d6b6eae7eb5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.6885863594045039
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5dc49a806b17e6faefb7714376d05a4463633c05df3297e2eb89554af8528f3a

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:55 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7963
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323468&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,d3e728f3-bf40-45bd-8aab-315ceb2531c9,,&eid_criteo.com=HCW3F19CJTJGT013T2FuMHh5TmRlSnJHSlRaclJTRE5vNkdaVyUyQmp0JTJCWlAydmRldlNMZUdwOUM0Mk5nZlBpSlR3QjFidWJLWU84MERqa3pRT2hiNm5yb0Rjc254JTJCaVFNN0VwbjJuQWlDbWZXdzVnVm5ZJTNE%5E1&eid_pubcid.org=abd327e2-1769-46e6-8015-44cc1cc6f490%5E1&rf=https%3A%2F%2Fufile.io%2Fkfmz9q2y&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_mid_1&tg_i.gpid=%2F22247219933%2Fufile_970x250_mid_1&tk_flint=pbjs_lite_v7.9.0&x_source.tid=bc873a04-d932-4c51-9f3e-e78044e4c42f&l_pb_bid_id=192bea5b0b1aa2b4&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.2944140969893352
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0b128b1a52113801250d0bd990bf2c825bc44c41b24c875d72b8631d387f1139

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:55 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7628
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323478&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,d3e728f3-bf40-45bd-8aab-315ceb2531c9,,&eid_criteo.com=HCW3F19CJTJGT013T2FuMHh5TmRlSnJHSlRaclJTRE5vNkdaVyUyQmp0JTJCWlAydmRldlNMZUdwOUM0Mk5nZlBpSlR3QjFidWJLWU84MERqa3pRT2hiNm5yb0Rjc254JTJCaVFNN0VwbjJuQWlDbWZXdzVnVm5ZJTNE%5E1&eid_pubcid.org=abd327e2-1769-46e6-8015-44cc1cc6f490%5E1&rf=https%3A%2F%2Fufile.io%2Fkfmz9q2y&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2Fkfmz9q2y&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_728x90_stickyfooter&tg_i.gpid=%2F22247219933%2Fufile_728x90_stickyfooter&tk_flint=pbjs_lite_v7.9.0&x_source.tid=7c3bd757-638c-4456-b9dc-28d5aca1b8a5&l_pb_bid_id=193335618884a4a8&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.9440628340088144
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.ufile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
24c7d5f7a0b8914efd7fbc1fb287cc1f0bc58ce81ecb8d17b5769009e310b64f

Request headers

Referer
https://ufile.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 04:05:55 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ufile.io
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7629
Expires
Wed, 17 Sep 1975 21:32:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
integrator.js
adservice.google.com/adsid/ 		107 B
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ufile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081802.js?cb=31069131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 04:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=btoB9ELMCr7io_rkHcnlKl
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=bL80eKLMCr7iodrkHcnnVW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=bxLpdiLMCr7iodrkHcnnVW
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091290934766007&correlator=3478911950149202&eid=31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=5&adks=2934328608&sfv=1-0-38&ris=29&rcs=1&fsapi=false&prev_scp=refresh_count%3D1%26hb_cs%3Dcurrent%26hb_bd%3D3%26hb_adomain%3Dcongstar.de%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.37%26hb_adid%3D1999b4bd2e47b2fb%26hb_bidder%3Drubicon%26anh%3Dtrue%26dah%3D4994229794%26lad%3D4994229794&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D0%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D6%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3DcriteoId%252Cpubcid%26uids_c%3D2%26waae%3D300%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D27s%26pad%3D6%26wabtr%3D33across&sc=1&cookie=ID%3Dcb1295ced3017111%3AT%3D1661400324%3AS%3DALNI_MbKH5be_0hhJuN9JBX47yevg9fE0Q&abxe=1&dt=1661400355577&lmt=1661400355&dlt=1661400324313&idt=273&adxs=230&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&frm=20&vis=1&psz=1140x250&msz=1140x250&fws=0&ohw=0&psts=AEC3cPKVp8kW0IPBMGOuhQdBeXefLvzQX_WnwpoxBoEpSEQ6PG3zze5dYXCEwthxF2PpGHdTzt16pbr2sQal3WML8MAi7BaR5sk&ga_vid=726762776.1661400325&ga_sid=1661400325&ga_hid=817674924&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY_Lu0ma0wSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREbG5aemwyZEZSVVpUSmlRMU56TkVWdVJtRXhaejA5SW4wPRidu7SZrTBIABIVCgp1aWRhcGkuY29tGIi6tJmtMEgA
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091290934766007&correlator=3478911950149202&eid=31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_728x90_stickyfooter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=6&adks=3228805518&sfv=1-0-38&ris=29&rcs=1&fsapi=false&prev_scp=refresh_count%3D1%26hb_cs%3Dcurrent%26hb_bd%3D4%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_adomain%3Dcongstar.de%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.26%26hb_adid%3D1982840988d8f9b3%26hb_bidder%3Drubicon%26anh%3Dadhesion%26dah%3D4994229794%26lad%3D4994229794&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D0%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D6%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3DcriteoId%252Cpubcid%26uids_c%3D2%26waae%3D300%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D27s%26pad%3D6%26wabtr%3D33across&sc=1&cookie=ID%3Dcb1295ced3017111%3AT%3D1661400324%3AS%3DALNI_MbKH5be_0hhJuN9JBX47yevg9fE0Q&abxe=1&dt=1661400355580&lmt=1661400355&dlt=1661400324313&idt=273&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&frm=20&vis=1&psz=1600x4408&msz=970x-1&fws=640&ohw=0&psts=AEC3cPKVp8kW0IPBMGOuhQdBeXefLvzQX_WnwpoxBoEpSEQ6PG3zze5dYXCEwthxF2PpGHdTzt16pbr2sQal3WML8MAi7BaR5sk&ga_vid=726762776.1661400325&ga_sid=1661400325&ga_hid=817674924&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY_Lu0ma0wSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREbG5aemwyZEZSVVpUSmlRMU56TkVWdVJtRXhaejA5SW4wPRidu7SZrTBIABIVCgp1aWRhcGkuY29tGIi6tJmtMEgA
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4091290934766007&correlator=3478911950149202&eid=31069131&output=ldjh&gdfp_req=1&vrg=2022081802&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_mid_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=7&adks=2068803453&sfv=1-0-38&ris=29&rcs=1&fsapi=false&prev_scp=refresh_count%3D1%26hb_cs%3Dcurrent%26hb_bd%3D3%26hb_adomain%3Dcongstar.de%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.37%26hb_adid%3D2000e21017a54256%26hb_bidder%3Drubicon%26anh%3Dtrue%26dah%3D5113203823%26lad%3D5113203823&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D0%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D6%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3DcriteoId%252Cpubcid%26uids_c%3D2%26waae%3D300%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D27s%26pad%3D6%26wabtr%3D33across&sc=1&cookie=ID%3Dcb1295ced3017111%3AT%3D1661400324%3AS%3DALNI_MbKH5be_0hhJuN9JBX47yevg9fE0Q&abxe=1&dt=1661400355584&lmt=1661400355&dlt=1661400324313&idt=273&adxs=230&adys=781&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fufile.io%2Fkfmz9q2y&frm=20&vis=1&psz=1140x90&msz=1140x90&fws=0&ohw=0&ga_vid=726762776.1661400325&ga_sid=1661400325&ga_hid=817674924&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY_Lu0ma0wSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREbG5aemwyZEZSVVpUSmlRMU56TkVWdVJtRXhaejA5SW4wPRidu7SZrTBIABIVCgp1aWRhcGkuY29tGIi6tJmtMEgA

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| googletag function| $ function| jQuery object| btns function| showTooltip function| fallbackMessage function| Growl object| lazySizes function| loadCSS object| clipboard function| executeCaptcha function| onSubmit function| download_file function| addEvent number| countDownDate function| timer function| recaptchaLoaded string| slug boolean| loaded_recaptcha object| justDetectAdblock string| GoogleAnalyticsObject function| ga object| dataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue function| recaptchaCallback object| myCaptcha function| prepCaptcha boolean| active object| mr object| __cfBeacon object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| aawChunk object| aaw object| teads_analytics function| docReady object| mnet function| parcelRequire object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_127 object| Criteo object| Criteo_identitytag_127 function| __esp_getUID2Async object| __uid2 object| pbjs object| $crisp string| CRISP_WEBSITE_ID object| d object| s object| GoogleGcLKhOms boolean| $__CRISP_INCLUDED object| $__CRISP_INSTANCE object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| _tlTagsPending

44 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQy7u1ma0wCgoIgQIQy7u1ma0wCgoI4gEQy7u1ma0wCgoI5gEQy7u1ma0wCgoIhwIQy7u1ma0wCgkICRDLu7WZrTAKCQg6EMu7tZmtMAoJCAsQy7u1ma0wCgoIjAIQy7u1ma0wCgkIXxDLu7WZrTA=
.ufile.io/ Name: csrf_cookie_name
Value: ffa58ff4127cb46ecd785d173570920b
.ufile.io/ Name: _ci_sessions_
Value: m8ekmurs4pqor87u8idr0pmnhcakqgee
.ufile.io/ Name: _ga
Value: GA1.2.726762776.1661400325
.ufile.io/ Name: _gid
Value: GA1.2.1304824436.1661400325
.ufile.io/ Name: _gat
Value: 1
ufile.io/ Name: _uc_referrer
Value: direct
ufile.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ufile.io/ Name: __cf_bm
Value: tMKIWzbLGsQFm2BvRoKrRZuCDxFODPiaoUax3NnF9c4-1661400324-0-AdM9aV8hSLfwYaveroJVosmSqwv5jxfYkZeVuhx1O7iRfElUMoknvNzLvgzAe2Eaa6v9YzfhkOWxcfy8D5jE9JRDPCOdbYw1cHzfe7pILN4ruquzDiVlI/nrBDmckfne5w==
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEwheqbmAY4AUABSAEQheqbmAYYAA..
.adnxs.com/ Name: uuid2
Value: 6154146163571867541
.rubiconproject.com/ Name: khaos
Value: L78IUV5F-10-HOV4
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpIlOEPMkjJgObASkO6QPb7E03ikE5KqM25ytjmgZCWnU//EFA4kcSCYlRmxQ3CBqkmGweUluV0NweA48/jymgxpmvllXEtYN4=
.criteo.com/ Name: uid
Value: 96e2f3fc-3f32-4dc2-8cbe-59f1542066f9
.openx.net/ Name: i
Value: b7d820f6-fb53-4ded-9b09-2b3812715ad6|1661400325
.ufile.io/ Name: crisp-client%2Fsession%2F9891a594-d15f-44d2-ad63-5e086be01a3a
Value: session_5b6e2c5f-33b6-4269-997a-02c32d2cb37a
.ufile.io/ Name: cto_bundle
Value: uKWmhF8xYWslMkYlMkJxSHglMkJaWmlYWEl0aURzWUdEWGFjMjhZSUVHNEMxUWVibXUwRVZHR0VKNVZYQ0UlMkY4eXolMkJZQXZmMkhoRlpPNXpzZG1CJTJCTWNwbE9nRnFWMEE0dXNOZE9NWkdTT1F6Y1ZJaUw2NUV6eVFqeEtpT3p5Y0FTOTRCWElZbkxha2ZMNnREaHdzaWhpallzb21Dbkt2TGclM0QlM0Q
.ufile.io/ Name: cto_bidid
Value: HCW3F19CJTJGT013T2FuMHh5TmRlSnJHSlRaclJTRE5vNkdaVyUyQmp0JTJCWlAydmRldlNMZUdwOUM0Mk5nZlBpSlR3QjFidWJLWU84MERqa3pRT2hiNm5yb0Rjc254JTJCaVFNN0VwbjJuQWlDbWZXdzVnVm5ZJTNE
.ufile.io/ Name: __gads
Value: ID=cb1295ced3017111:T=1661400324:S=ALNI_MbKH5be_0hhJuN9JBX47yevg9fE0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkmTXtxrbaoToiwm4IZVVEdI5j3HTf6g3Ya93fdKzidncGmVNT30Xq8mzYvDLk
.sportradarserving.com/ Name: c
Value: 1661400328
.sportradarserving.com/ Name: zuuid_lu
Value: 1661400328
.sportradarserving.com/ Name: zuuid
Value: d1f0d6c8-9a2e-4f9a-9d54-5e7e7f162a8c
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1661400328
.sportradarserving.com/ Name: pvc2
Value: WIZn8fChNn4Cx0qWDoX5LkmJzuogivslJ46EN-uNiiSGBn8NWjOmM36kKpBZZh2jxDJEbD3jyWXSF6LLsGBuvMu2npHk0S_xDMG34ajLX0Z9xFwDfmbbdzAQdbxxK2O7Iq596o4-_UjA0ycgaRB9rXZIfhuxlhmhkTlJTJVO9QDeVJlquVcs05OciA3REmXIelvu0DTB_jIwhYGqYJFJSOUOR23kLxkhpNqbxZbsnksWpmVd8eKU_-Ac6EpYoU9EZjdeS2XDrXz8dGyeG_y68zJV9-2JrzTOl0L5jGzDzR3ta7NBjqkIn67PGlUZbFPNcb3xWCLnmedDbsZxZsd4rj6OjdvmW68cXBfGZysbDNFV66hqD9I1-usDoYlmdLh8h6SfPzIX2qeHGM5QIbhIBolx5tXbWuqRjGGR1nWdXZqTAyfBtnH7u0lF6MudPv_ixq4uvtMc6fTt0B4WkO9On0gGRuBQcKY-gRGZMS1L7BQdiqBJ6Uml0AVeMD7D3y9u0IOqU-8ne-qa_2ryPgSmKzLBXL7NDUXR9D8CM5RHryOgeoNUGaPtCuAafv2GA-_SmfSE2QPP7by8yqnL5FZTZCwn2-1n5KynjKKeg1ycaijkOUqHnOwdzILSfeJmbrF7WSi504HBD-ue5Pt_IkzU-J7BJHjVgo5ZsA99J-U2HVcyfC9vPpiqO2lBaChkDRQjMRjMUmBP-5iFiLBXpETRJSfvGLeDg1TiiX38fQ33k8RkpQx_4vCw00Gx9IK4-rG29O3c3lFjUWiEhqQwxX3aeRP3JlNX4Z3dGMZj62vl4xRIOT-WjOvT4xgE6kUfEVgdNkPCHWfOXUYClx2e6JDBS2K4Cl0,DwJgOyrKUSc9prRwc89dAw,GJWI7mOaKmFgbt09ut3u_A,niFepJCjdKM95kh8EVD_Pg,GJWI7mOaKmFgbt09ut3u_A,rLJ2qYbsMBSmCClB0f-xtQ,GJWI7mOaKmFgbt09ut3u_A,EQWruOmqRhlVXWwAl3AA4A,GJWI7mOaKmFgbt09ut3u_A,n5ENMtPnaUNauHAOR0tG2Q,GJWI7mOaKmFgbt09ut3u_A,9O-2738D36FOXdiX0wjzMQ,GJWI7mOaKmFgbt09ut3u_A,NZQ26PTCWeVQHyKoC9PCYw,GJWI7mOaKmFgbt09ut3u_A,z3nCnOmQ42TNpAEFBQAhJA,GJWI7mOaKmFgbt09ut3u_A,pnTqLSYLYH1fOvtWoVozBg,GJWI7mOaKmFgbt09ut3u_A,8Xw1dLAt61U54fr5UAiCzA,GJWI7mOaKmFgbt09ut3u_A
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b5c0d413-b936-4347-b166-17dd50594372-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBBX1BmMCEMDQeWHFUI2sZkGyYM96OxMFEgEBAQFGCGMQYwAAAAAA_eMAAA&S=AQAAAoDCJTE6KC4HlADgXmpW2m8
.analytics.yahoo.com/ Name: IDSYNC
Value: 198i~26s4
.bidswitch.net/ Name: c
Value: 1661400341
.bidswitch.net/ Name: tuuid_lu
Value: 1661400341
.bidswitch.net/ Name: tuuid
Value: ec3ff4c2-efdf-4dcb-8e8a-396d7d3ea113
.3lift.com/ Name: tluid
Value: 1463718690904148241452
.quantserve.com/ Name: d
Value: EDYBDQH4Jv7KwQA
.quantserve.com/ Name: mc
Value: 6306f515-ef777-a4af3-01467
.bing.com/ Name: MUID
Value: 0990DC4D29E2692430A5CE462893687C
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&2478af7a-6d0b-4195-8689-68811f36bf87"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjE0MDAzNDI7MjswMjHnnqdbLlFZTCSylR0qVlmWS75SY77HvU9fXZQ9oqcWfw==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2698:u=1:x=1:i=1661400342:t=1661486742:v=2:sig=AQHkwEpaEQiLC_87dWfQKp4moR8Q8WeW"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A4bKE4RBSEuKhdfwIwZet88
.adnxs.com/ Name: anj
Value: dTM7k!M4/ID>[gVF']wIg2GVIg7_=/!]taa8bhzs#DNAmf!+nV8v`@d.I5MK)YaL.u)emhP-YTu[H$[oB[W1b:>xR+c.#kB:ay!gZ5:G<on17gd-2^4c330P!Z+o+v7[.peYZ)bJhLR'Xulx$/+/`!@#b^lT+OnN'@XnlT->$d?R.Pw2NGo?Jo6^-grbj4=N(v7R<X#b66'[KaEWjQge)iY2c/fX21K<b=j?9VO[4-P4tQr9Rl$HIYJma^?Y!Udh$k0dh(LoC'-fz])1oZ%JAnL:T#f>yg^oFs=Ik$s4dmeI3I?.=Hfn1Y
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJtZWRpYW5ldCI6eyJ1aWQiOiIwMDAwRUVBIiwiZXhwaXJlcyI6IjIwMjItMTEtMjNUMDQ6MDU6NDBaIn0sInlhaG9vc3NwIjp7InVpZCI6InktcjZzOU1kMUUydUZZdWFMZXdzTzlTTDhvTWprQVBfVUhvVS5hc19jLX5BIiwiZXhwaXJlcyI6IjIwMjItMTEtMjNUMDQ6MDU6NDFaIn0sImdyaWQiOnsidWlkIjoiYTBmYjMwZTAtNjRjYy00ZDJlLTlhNDMtNzU3NjFjNDU4NTQyIiwiZXhwaXJlcyI6IjIwMjItMTEtMjNUMDQ6MDU6NDFaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMTQ2MzcxODY5MDkwNDE0ODI0MTQ1MiIsImV4cGlyZXMiOiIyMDIyLTExLTIzVDA0OjA1OjQyWiJ9LCJhbXgiOnsidWlkIjoiOWNmZDZmNTYtY2E3My00MTdiLWE4MDAtODJiYjRmNDZkMjQ1IiwiZXhwaXJlcyI6IjIwMjItMTEtMjNUMDQ6MDU6NDRaIn19LCJiaXJ0aGRheSI6IjIwMjItMDgtMjVUMDQ6MDU6NDBaIn0=

3 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6cde64e770c1f20a4be04f873d372307.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
at.teads.tv
b1sync.zemanta.com
c.bing.com
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cdn.adapex.io
cdn.ampproject.org
cdn.connectad.io
client.crisp.chat
cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
contextual.media.net
creatives.sportradarserving.com
eb2.3lift.com
eu.sportradarserving.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
ib.3lift.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id.sharedid.org
image6.pubmatic.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prod.uidapi.com
px.ads.linkedin.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-eu.connectad.io
sync.1rx.io
tag.1rx.io
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
ufile.io
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
securepubads.g.doubleclick.net
ssc.33across.com
13.248.245.213
142.250.185.98
142.250.186.98
147.75.85.234
151.101.129.108
178.250.0.157
18.156.195.47
18.197.29.200
18.66.112.66
185.64.189.112
185.64.190.78
185.89.208.11
185.89.210.122
192.241.157.60
2.18.168.202
2.18.168.23
213.19.147.43
213.19.147.45
216.52.2.39
23.47.209.72
2602:803:c003:200::21
2606:4700:10::ac43:8ae
2606:4700:3036::ac43:9b51
2606:4700:440e::ac40:9c1a
2606:4700::6810:85e5
2606:4700::6812:1c5b
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c1b::9c
2a00:1450:400e:80c::200a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:f700:4::212:4f18
2a02:fa8:8806:13::1400
2a05:d018:d29:3602:ab6e:8189:a819:79f3
2a06:98c1:3120::c
3.124.17.94
3.126.56.137
3.136.53.155
3.67.157.21
34.102.146.192
34.107.148.139
34.120.107.143
34.208.243.53
34.98.67.61
35.158.84.125
35.244.159.8
35.244.174.68
51.89.9.251
52.223.40.198
52.46.128.147
64.202.112.223
67.202.105.23
67.202.105.32
69.173.144.138
69.173.144.139
92.123.36.4
92.123.38.97
92.123.9.160
009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07
04033f4fee88b3246e789c7e722fc4354588eeeea0141941a1b5706a598f46f5
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b128b1a52113801250d0bd990bf2c825bc44c41b24c875d72b8631d387f1139
0b1d26389f36c06c51de5c2e21ff754189bed8f2ab99191c264db8fd3912e9a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb6f3cf7117606a82aa545914c6aaa4c7765f3d1f2c948fb3c2b3769277e54d
0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
14617ac5dba86061ae843e682417f7d0abfbfd5ca9ba3c44a9bbedb4d57bb2ed
1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf
1c86a6c742255619f3d9c1ff17e41ad7edb31824a09314cf17ca695e804b5bbe
1c9b145cac87420c0fe1300b607f36f1250dec5eb8ad4805fbeb3f687aaf7633
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0
20809c9da25799d3c322de82bb1d25afb0a14578f6f50a21aedc22114318f25d
22ba33a81c7991dc6f5cf53028a16627e04dfb39f079c06f75e8366a5da29659
242bf97787ccf71d298bc5a19d0bf0e631b666d1eb1fc9bdb01f51255a12a158
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
24c7d5f7a0b8914efd7fbc1fb287cc1f0bc58ce81ecb8d17b5769009e310b64f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
298f93b12035fe3d354d13647d5f01f0a2881862f78b7416c640cb3a5413a473
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3594c3e4a345deebc7b6609bb2746435cbf0d5243f457669637fdce23ef113dc
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37d926ff1774efcd9da2eb444744d43997376fc9c8ac940785e94f6a13cfc89b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e53d2e91b90c52f895e3bca8f75fdb2618afe2a32dfd0f734fa8c86af9eeb15
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff820c16aee2a6c8201d0431dc09fca28488c71c1337477d79d99696bfa5662
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba585b53a39b86f3856672f46f7724a7948f42460caf18f21ccabe149e28ccd
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ea100ea9febcb57877337f29b107a6f38a258a192bdd9dbbe4a0c7fd344055c
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5823a59db5f9aa8325acfb5a2bfe01fa2474a3acf88503e132910da8bd35b83e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6b5acb426c0b28ac1b87101adfcf8f05d07f2fc6bdc42e5a9ac4f2208f42a3
5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960
5dc49a806b17e6faefb7714376d05a4463633c05df3297e2eb89554af8528f3a
5f00982b82b38c4f659d96f342413523d1869eabd2f5faef467127b71d66d162
5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b96a9bed2539099b762187cdefded8b4241b72facbe1a2356ba845e7dddbd8
6422f88674675f6ecf473b4f5d5bf65a3ffa0c06f38e7ba429ba2fc015a62f75
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
71286761b8e769fe6c527584e1acfb289706ddb93e6c4dd15f3872a5439a66f3
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
73ccbf7b2c5411a9fb2aa4ab3bc561789798f34ce78bfd7478337df12d9d97aa
747be7fa209c0b69a12979771c93df821bcf0d112c90479c299e54f433220b8c
75b7ff17c9cc6595a13f87ebfc8d891821d838014499ecb09872ea33df934e61
7da81d9acf056acd9ecffd70af2e8f8e3ee2c64de75729bcbb6d619639037fcd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
869ff928dceab913deb137e5aa99b8ceb4e7520e0bb929f73e10d3ca66b785cf
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
886ffb82e1da067712a7eec3fd3fa0a1b8879158d70d5d2d183824cb168434f4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dda372d28320c5bd3cb0270f3197ebee314388b9603e1312763407cf7d07ae2
90e5f708e17f2634f4e4471d55954d3dc3b9d4c65084f7e0dc76b67982f376f4
9256d0342570090228214038c26e2ebd5417eae514297f8c115689a149c27279
940727e015ad82ea3e9ecc3280c2db3e91806ebe4c69df50deb2e64f411e6ac2
945b45d349d909653fd7315892979c584fa2b828d0da8ab486837c48ead7076c
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
96a8282408bdce5faf2299e22084eb6bae3b6566c7197e20af9011ad5bce9eea
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c4924ddfab62496f4faa146387c17969d4e916172d2cd7c79e1bf02f87df120
9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50fb9ae1b5262d504366decc64cb6e262be51a9f07bacc82d698e08e4eb9b1f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a61e4d1bcf27943871aaa77e1bcc95c00f5faec80814c984081414acb1c45627
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9a421c0c844893ec6a4f744d5760cf646bcfe18e72b6030defa5b287e86061d
ac2f415b614d254416ec84688840f7ac0f761ca2df532e3c8968c5eb708b5e42
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee6c2e06609d7944ad8ad21dd3b6a8ad2c35bc7605523d59b2f28ade70b22a0
afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9
b06a8c56d6c09b9cbc98dd2d31f7d9935aceaabb99ee52f32775c255b105b231
b3b57d866f71d90938de71e79b8e770f3c0f24808318f702964d7709e6aa9530
b6e2d2a22a4bba569707b38ba4509981a53413a0c80b3ea289031a3cb9d3144f
b82b9af397f1ba3e70a5ba5bf5c313d27fe282be83804527f399b06bf57fc4cf
b9573d69a33ef46db38f706b77f91801ec31351735c9299292d53811c273f6ee
b9a07746800cc35eb77e635e3f4e63062f3727e139f1495d479608eba9c626a0
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c1cf56dd9a6a38941df16cebf73dafe056265ac13cae02bbf570de6a76076815
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3c9b2936561e10d6c2bda0d5130daee1ae437c16c94d17bbfc7e5c0cb75d739
c8d22a7698bf89ec9cbba462ae6af5f74c67ce3898cdfea86cee1ce4c27f350b
cc3bcd93f2aa5a38ad99ef348aca4a5effb990fa381433fdc1a6a40a87b400a8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cd538094f00a8f620f7f12c0a7ac0fcca74ee7b4388955470cd7f14c4fb602a5
d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
d415f82142d578c1440e0f194b5694315a05f0daa2aa8a4ccd1706697bd133c0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d912e33c68642d7c00f42ac21211ff5be562d1d8900d46c0a7658b91461d1f41
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ece30df70d3d1a28c0eedfb36f7bbdbf46340b97020205af97e3abe258d3bd
ebbb71679d17827ba212ccf0ea153b33b83ca88b36bddda64379b6836171e20c
ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ed0baf28f8f825d5cef25104dd11326f10796e20df1dff37afc454f1d450c0fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02ca71b10a4063641175350bc609bc5bbad4eb3270b558c2e36900e57ec5e68
f251987dc3737b35cc0fcbd0981bc839f7b42b419ef67c91d7fc563cf983ead1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fb6107b7c3d0dc7590ce3d479c96690d1761e5be8ee2c1efdd17158aa3fc18b0
fbe3322149369708038a2dec8b5ab605f88f2f9a07291585babc870b3df401da
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505