www.file.io Open in urlscan Pro
18.66.112.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://file.io/usK7mT976RGx
Effective URL:
https://www.file.io/deleted
Submission: On November 19 via manual (November 19th 2022, 2:57:47 am UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 37 domains to perform 107 HTTP transactions. The main IP is 18.66.112.123, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon on February 24th 2022. Valid for: a year.

This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.213.81.213 3.213.81.213	14618 (AMAZON-AES) (AMAZON-AES)
32	18.66.112.123 18.66.112.123	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	64.20.35.44 64.20.35.44	19318 (IS-AS-1) (IS-AS-1)
9	2606:4700:10:... 2606:4700:10::6816:2560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.120.168.177 3.120.168.177	16509 (AMAZON-02) (AMAZON-02)
2 2	52.20.203.237 52.20.203.237	() ()
2 2	216.52.2.19 216.52.2.19	() ()
1	2600:9000:205... 2600:9000:2057:8e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	95.101.200.23 95.101.200.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	52.46.130.91 52.46.130.91	() ()
5 5	142.250.185.162 142.250.185.162	() ()
3	15.197.193.217 15.197.193.217	() ()
1 3	185.80.39.216 185.80.39.216	() ()
5 6	37.157.6.233 37.157.6.233	() ()
1 2	99.81.119.147 99.81.119.147	() ()
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	() ()
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:9d2d:6adc:d56f:1d9c	() ()
2 2	213.155.156.167 213.155.156.167	() ()
6	185.64.189.110 185.64.189.110	() ()
2 2	185.29.134.244 185.29.134.244	() ()
1	178.250.0.163 178.250.0.163	() ()
1 2	54.239.33.158 54.239.33.158	() ()
1	198.47.127.20 198.47.127.20	() ()
1 1	141.94.171.214 141.94.171.214	() ()
1	34.91.62.186 34.91.62.186	() ()
1	69.173.144.139 69.173.144.139	() ()
107	37

1 3.213.81.213 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-81-213.compute-1.amazonaws.com

file.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.66.112.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-123.fra56.r.cloudfront.net

www.file.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.20.35.44 (United States)

ASN19318 (IS-AS-1, US)
PTR: bid.glass

bid.glass	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cb1762bd1b8587308ba1122c7643b6fc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.168.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-168-177.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.203.237 (None, ) 2 redirects

ASN- ()

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (None, ) 2 redirects

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.200.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (None, ) 5 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (None, ) 1 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.233 (None, ) 5 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.119.147 (None, ) 1 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (None, ) 1 redirects

ASN- ()

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:9d2d:6adc:d56f:1d9c (None, )

ASN- ()

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.33.158 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.214 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	file.io 1 redirects file.io — Cisco Umbrella Rank: 541458 www.file.io	991 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 cb1762bd1b8587308ba1122c7643b6fc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	94 KB
10	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 458 image6.pubmatic.com — Cisco Umbrella Rank: 662 image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	26 KB
10	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net	144 KB
9	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 11251 sync.quantumdex.io — Cisco Umbrella Rank: 4125	2 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418 dsum-sec.casalemedia.com dsum.casalemedia.com	6 KB
6	adform.net 5 redirects c1.adform.net	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	109 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com aax-eu.amazon-adsystem.com	3 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com	11 KB
3	adsrvr.org match.adsrvr.org	793 B
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	3 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 599 ce.lijit.com	2 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	562 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 280	547 B
2	disqus.com 2 redirects ssp.disqus.com	705 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1902	1 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	simpli.fi um.simpli.fi	610 B
1	onaudience.com 1 redirects pixel.onaudience.com	419 B
1	criteo.com dis.criteo.com	363 B
1	adroll.com d.adroll.com	181 B
1	dotomi.com 1 redirects casale-match.dotomi.com	181 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 723
1	unrulymedia.com usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2723
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 479	1 KB
1	media.net 1 redirects hbx.media.net — Cisco Umbrella Rank: 1126	450 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 661	241 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 498	35 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8709	792 B
1	bid.glass bid.glass	317 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	27 KB
107	37

	Domain	Requested by
32	www.file.io	www.file.io
8	sync.quantumdex.io	www.file.io sync.quantumdex.io ssum-sec.casalemedia.com ads.pubmatic.com
6	c1.adform.net	5 redirects ads.pubmatic.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.file.io
5	cm.g.doubleclick.net	5 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.file.io
3	simage2.pubmatic.com	ads.pubmatic.com
3	image2.pubmatic.com	ads.pubmatic.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	ssum-sec.casalemedia.com ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	ib.adnxs.com	3 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	d5p.de17a.com	2 redirects
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
2	eus.rubiconproject.com	sync.quantumdex.io eus.rubiconproject.com
2	ups.analytics.yahoo.com	2 redirects
2	ce.lijit.com	2 redirects
2	ssp.disqus.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.file.io www.google-analytics.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	um.simpli.fi	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	d.adroll.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	onetag-sys.com	sync.quantumdex.io
1	secure-assets.rubiconproject.com	1 redirects
1	usermatch.targeting.unrulymedia.com	sync.quantumdex.io
1	id5-sync.com	sync.quantumdex.io
1	hbx.media.net	1 redirects
1	s.ad.smaato.net	sync.quantumdex.io
1	match.sharethrough.com	sync.quantumdex.io
1	ap.lijit.com	sync.quantumdex.io
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	cb1762bd1b8587308ba1122c7643b6fc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	useast.quantumdex.io	www.file.io
1	bid.glass	www.file.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	www.file.io
1	file.io	1 redirects
107	54

This site contains links to these domains. Also see Links.

Domain
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com

Subject Issuer	Validity	Valid
*.file.io Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.onezo.bid.glass R3	`2022-10-02` - `2022-12-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.file.io/deleted
Frame ID: 1C4DCE6701149FB5D847B0CA38E48F73
Requests: 46 HTTP requests in this frame

Frame: https://cb1762bd1b8587308ba1122c7643b6fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1D22D7B61A2C333AB1B34B13904500EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E315A43DF20903FC5023A2736DA5FB6D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 03D9DEDBE59C725C062B3619D8EB304C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 17626C8B5770E2D5F68A8F2559F510FF
Requests: 15 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 181420E298F306BF329D2A63FB5325D1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: E44F8D874540224B2816F9EF47F4B697
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: BF7FF66BBEC10495EC3ED6EC71EFD171
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: FAE99282081003436F43FAE488999E12
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: EF96B36D09422DD69E188C2A89095755
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: BF4376FFB784543246EB385ED5B7A0B1
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent=
Frame ID: 5FEE23888E646F70757992FB5C7847BF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7660595833176703082
Frame ID: 85022E40E651E935EF88AB099DFCBDF1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bcb66378-462b-4500-bea4-170b3a916374&gdpr=0&gdpr_consent=
Frame ID: 6096ABBBED08B4F5F1E5B420ED386F79
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E5C6654C0212DEC0DB3810BDD8FC8A94
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23612573-03D1-440F-B1EC-750A4710DA3B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 58A90BECC6FE5CDE4C49A5C09BC8DCCD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8754259124876196755&gdpr=0&gdpr_consent=
Frame ID: 1608DDD9205FAE547CFA7B5181E7F084
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=23612573-03D1-440F-B1EC-750A4710DA3B
Frame ID: C126EA70F2CE746C3B26A7723BC8FE93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deleted | file.io

Page URL History Show full URLs

https://file.io/usK7mT976RGx HTTP 302
https://www.file.io/deleted Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

107
Requests

84 %
HTTPS

31 %
IPv6

37
Domains

54
Subdomains

37
IPs

6
Countries

1472 kB
Transfer

3234 kB
Size

34
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://mrcowboy.com/
Title: Mr Cowboy LLC

Search URL Search Domain Scan URL

URL: https://bid.glass/file.io
Title: Advertise

Search URL Search Domain Scan URL

URL: https://twitter.com/filedotio

Search URL Search Domain Scan URL

URL: https://www.facebook.com/file.io

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/fileio

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/file-io

Search URL Search Domain Scan URL

URL: https://github.com/file-io

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://file.io/usK7mT976RGx HTTP 302
https://www.file.io/deleted Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e1ded7bb-8e18-5243-8bc7-4575e8bf035f

Request Chain 69

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8754259124876196755

Request Chain 71

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mYjhmZjg0ZS00MzZjLTNiMjgtYmM2Ni1mNmUyNzBhNzg4MTkqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWZiOGZmODRlLTQzNmMtM2IyOC1iYzY2LWY2ZTI3MGE3ODgxOTIBDDgB HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mYjhmZjg0ZS00MzZjLTNiMjgtYmM2Ni1mNmUyNzBhNzg4MTkqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWZiOGZmODRlLTQzNmMtM2IyOC1iYzY2LWY2ZTI3MGE3ODgxOTIBDDgB&dnr=1 HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FrNRsRZHXm4KmpfVS4CYg_2A&r=Cid1YS1mYjhmZjg0ZS00MzZjLTNiMjgtYmM2Ni1mNmUyNzBhNzg4MTkqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWZiOGZmODRlLTQzNmMtM2IyOC1iYzY2LWY2ZTI3MGE3ODgxOTIBDDgB HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819

Request Chain 73

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 75

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nsiO97JE2uECdVsCTpbd8IoYcXfZH.4zqJgtfqA-~A

Request Chain 76

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 78

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 82

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB&dcc=t

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIlh5zL2xKuFFfhQDUGgCpE&google_cver=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hGKpFyRtnXy8ZHTOvO3wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAbvLFOE9Zqq-VgjawU89GM&google_cver=1

Request Chain 86

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7565702440851564940&expiration=1670036266

Request Chain 87

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hGKpFyRtnXy8ZHTOvO3wAA%265153?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3hGKpFyRtnXy8ZHTOvO3wAA%265153

Request Chain 88

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668913067

Request Chain 92

https://c1.adform.net/serving/cookie/match?party=14&cid=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent=

Request Chain 93

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7660595833176703082

Request Chain 94

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bcb66378-462b-4500-bea4-170b3a916374&gdpr=0&gdpr_consent=

Request Chain 96

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23612573-03D1-440F-B1EC-750A4710DA3B&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23612573-03D1-440F-B1EC-750A4710DA3B&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 97

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8754259124876196755&gdpr=0&gdpr_consent=

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I2ElcwPRRA-x7HUKRxDaOw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 100

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e07f6378-462b-4800-b3ca-ef8f6988bb7b

Request Chain 101

https://pixel.onaudience.com/?partner=214&mapped=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjM2MTI1NzMtMDNEMS00NDBGLUIxRUMtNzUwQTQ3MTBEQTNC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiWnMkyavFrc9ZpcvAlq9w&google_cver=1

Request Chain 105

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1126726086101740331

107 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request deleted Show response
www.file.io/
Redirect Chain

https://file.io/usK7mT976RGx
https://www.file.io/deleted

440 KB
111 KB

103ms
48ms

Document
text/html

18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec6d5a5b2870c8eafd9b757bddb1207380592474611b07fa97839c94a4667ff1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65311
cache-control: public, max-age=0, s-maxage=86400
content-encoding: br
content-type: text/html
date: Fri, 18 Nov 2022 08:49:11 GMT
etag: W/"941d3ceb51fa36384a2d3076027df915"
last-modified: Fri, 18 Nov 2022 08:47:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-id: wFR0XWmyntLyNpRfQTegUXFDu8zd0XSme_43bDf67fO_H-2Tz_T7bQ==
x-amz-cf-pop: FRA56-P5
x-amz-id-2: 8fFvVWk4d9C49hyNleOouRjXtbI/xNuV7NhJlh13VeBtJxwDSw6vTXlroqLS69u9KGz/oBlA0f0=
x-amz-request-id: 91JFE8TP7ZQ1J5QX
x-cache: Hit from cloudfront

Redirect headers

access-control-allow-headers: Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
access-control-expose-headers: X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length: 98
content-type: text/html; charset=utf-8
date: Sat, 19 Nov 2022 02:57:41 GMT
location: https://www.file.io/deleted
retry-after: 60
vary: Accept
x-ratelimit-limit: 1
x-ratelimit-remaining: 9
x-ratelimit-reset: 2022-11-19T02:58:41.721Z

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 01:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5572
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 19 Nov 2022 03:24:49 GMT

GET
H2 200 Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 317 KB
318 KB 203ms
203ms Font
font/woff2 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer: https://www.file.io/deleted
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:05 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:14 GMT
server: AmazonS3
x-amz-request-id: 12BPDAZ7XQG96T1X
x-amz-cf-pop: FRA56-P5
etag: "8dd26c3dd0125fb16ce19b8f5e8273fb"
age: 65138
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 324864
x-amz-id-2: 9zBBL0+bk6VnPshKTFYHDRn7vV5e5XxiOdMyGY4FaysmOHmhcteft/eA7U+qGXbFjRbUKSt0Guc=
x-amz-cf-id: InIQ-iWz0psvkUjU2lZGGAnVpp6rW6EoOV8BJ-AIhFmcA9Ug2q3exA==

GET
H2 200 app-bd8cc0780fb633513965.js Show response
www.file.io/ 651 KB
159 KB 39ms
37ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/app-bd8cc0780fb633513965.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce0b791928e69822c986829aedb5dc76879a3ceec12866ea3b025220c3773d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:02 GMT
server: AmazonS3
x-amz-request-id: TKRKEYMSF53ZH2HY
x-amz-cf-pop: FRA56-P5
etag: W/"a11f51557ece76157a6491eb33b328dd"
age: 65319
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 9q-JBqzn5B0GC4ze3dl_9GUIcs0WQ-JKIXKdgzDkYhIOeWB4ou3QMQ==
x-amz-id-2: BDfAqL9BonpnA0s8793Ub57ce2aN/lOEOE0dSGJvCA0fV4zahraVVJV3TnaMS1MVwO0tmtO16Ws=

GET
H2 200 0eceb729-761e2b4090024f08e2ca.js Show response
www.file.io/ 12 KB
2 KB 39ms
38ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:57 GMT
server: AmazonS3
x-amz-request-id: TKRH0K9S3TFH3RPY
x-amz-cf-pop: FRA56-P5
etag: W/"d8fa3e295945b4065c7adabadd2be99b"
age: 65319
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 3nhBNrM5uZB7CMly2cAVye8BkaPW39S6Zj9cJc8vgWqIL-TPrihSqw==
x-amz-id-2: +QTnX0bwHYYPJQDtwnQUIs03/vKPsUHA+pm/AT3DdZHTL32WwQeOSLbiGd7Ci0ew5TS3qTKbZ6E=

GET
H2 200 d6a9949e-4e9c210da2d83a376ddb.js Show response
www.file.io/ 51 KB
6 KB 76ms
75ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:07 GMT
server: AmazonS3
x-amz-request-id: TKRJVNNEMTNBFP9J
x-amz-cf-pop: FRA56-P5
etag: W/"2feda6389a53a29ad5102ef7918752f6"
age: 65319
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: UVGVmh2gw_rfKq-i7wcIVAUehS-1gLO91g-8SmKzV_c_eXGa9Lm-sA==
x-amz-id-2: pjVwPeK4ylUV7G/tAQ/1xA+mVWBkLhNZS169NqalQfVJ4q3lSaUDYhgT32oQXnKubBbxuUZGtR4=

GET
H2 200 e82996df-3c73e38611643c5bb219.js Show response
www.file.io/ 50 KB
14 KB 72ms
71ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:08 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:08 GMT
server: AmazonS3
x-amz-request-id: KTEHJCT7WM4MMBZE
x-amz-cf-pop: FRA56-P5
etag: W/"785aafc2bda0f767992456b4ba1b0627"
age: 65314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: nk75l3XhIekfwB0UmQ142Vitx4c6SdB2WhOZT0R-dO2pGb4WQQ5bIg==
x-amz-id-2: jfaipj5Of9PalIda68sm0CzgfCnYHFs5E7hruAkLy1KXVQBu510ezl44Asz2X+O13sIQcJT8fOw=

GET
H2 200 framework-8fce40ee519418a713c9.js Show response
www.file.io/ 145 KB
42 KB 66ms
66ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:08 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:09 GMT
server: AmazonS3
x-amz-request-id: KTEMVQFKEHPRD6MP
x-amz-cf-pop: FRA56-P5
etag: W/"c4a5f7717ceee6ea81514ff62873ada9"
age: 65314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: d6El7KiaI8CTEBfqfx0gtnhRZ-agSXV1Xv_0DAlBA4h99L2vhDZtQQ==
x-amz-id-2: A3no/47EdNwZL3mb9F9lxN6MfCwDf4/h/y6DrBxqK3ynaw/2g5nFNpzQ+ezaefJoZSVgCax4r58=

GET
H2 200 webpack-runtime-1ba38f695df4d8147637.js Show response
www.file.io/ 9 KB
4 KB 65ms
64ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b35556698e4334e4bf32a5fdc75df1c85fa5a30891fe80593e269f109cf3139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:14 GMT
server: AmazonS3
x-amz-request-id: TKRS4F8G09X7ZCRE
x-amz-cf-pop: FRA56-P5
etag: W/"98dfd1fdbed6c706f1a4dadfe5d2fc41"
age: 65319
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Bs6dF86iw-KlfNKpkVraofoA4iZeVhG0K0LbDmREorpibfYJw2DtWw==
x-amz-id-2: 4xbOrJtq6Ipbp6oT3kFK/eXpC0YMnA30jmBhtSOMShCg8SOpWM4PvbvEFmBJuSgxU7gRCn95Ftw=

GET
H2 200 app-data.json Show response
www.file.io/page-data/ 50 B
517 B 37ms
36ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/app-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed36418f7bd0d9e901adfdfbfc7d9b1ff41c623c04152c8d884c4d67efa634d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:51:15 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: MH9JNY4AE5K5JZQJ
x-amz-cf-pop: FRA56-P5
etag: "6bae2b6ac74bb26f2860a9cf277328b7"
age: 65188
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 50
x-amz-id-2: FnFUf4UJCn/FyS+2e5hm+seFAcmSE/mDDFZyYLVzvdzMqIZgOOkjupWa6PvcUNgXxSnnPy3MD6w=
x-amz-cf-id: msSxv8zl0nBoo3vLH-kOfSz1I53S_GzcKxtyWtQgiQJD99eYtP3M8g==

GET
H2 200 page-data.json Show response
www.file.io/page-data/deleted/ 152 B
620 B 37ms
37ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/deleted/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:51:27 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: 7YF1FYKAW168GZ0Y
x-amz-cf-pop: FRA56-P5
etag: "728a4f433ef9bed1433eaa226cad06d0"
age: 65176
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 152
x-amz-id-2: 9rvHynq2AClMsuX9u/z1+TXEXrYXUF71GKJhP0XdL5HT/LkrPeQsaXgcyT2CkdZXnbi28BRXUXQ=
x-amz-cf-id: hLTiHlWQTVXqOsvXOEGIQmbnbwLoQRHYodZMNo6sYCC8qm_G0x4_Kw==

GET
H2 200 cb1608f2-86eb2737c3b59340ea35.js Show response
www.file.io/ 18 KB
7 KB 34ms
34ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/cb1608f2-86eb2737c3b59340ea35.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11e185c59e68173bb11c38327d38a40c91e9aff8d660c2c83e2e27ba20a604e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:09 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:02 GMT
server: AmazonS3
x-amz-request-id: FGBVQ8CT6TTR01F9
x-amz-cf-pop: FRA56-P5
etag: W/"702778321877e371451569e80d56651b"
age: 65314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: oll_IWc6NLXX4fq3uGcyBcbHOhiyvfRzqHHBtKpDEh7ZUbOTQsf_mw==
x-amz-id-2: lAU1ErUa2NTZxVUC8MTU73mvCPK7232tVrYOr1VZ0hqDc4sisUC7FaMaEkh18cSoFDw+CKCzNb0=

GET
H2 200 a9a7754c-f1b5f9c5144f62adc766.js Show response
www.file.io/ 4 KB
2 KB 37ms
37ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:09 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:59 GMT
server: AmazonS3
x-amz-request-id: FGBT16S0VKY19GSZ
x-amz-cf-pop: FRA56-P5
etag: W/"4ae04cdf11989fa265bb8cc9b598298f"
age: 65314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Wwy_i_6IpWo7v0GAAvHqzM3vFTz2iy26geCUGGXnxO1pN4EhF9D7Bg==
x-amz-id-2: 6iOT3bJX3AuOCHZ5gBubmYzay/6kKKRn03jPGgD1YFbkHsvY/niKYSa7ssENGlJEBH5Cb26mbDs=

GET
H2 200 381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js Show response
www.file.io/ 117 KB
66 KB 46ms
45ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:09 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:58 GMT
server: AmazonS3
x-amz-request-id: FGBPHKRCWNG3S29M
x-amz-cf-pop: FRA56-P5
etag: W/"9c41c9970ebc8fe4c98c8f02b631cd07"
age: 65314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: TsFu4zhAsD8ZSyh402KBNwVVVsW1pzyG2q1Jl5no85q7s-jVG-S5lA==
x-amz-id-2: pChbMHjAAG4v00UctRU97wwV9GbUoP73Un9XmjOqLTgXzhWbXNZCrUhU6fK93y1EAE5Gjb7d9Cg=

GET
H2 200 a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js Show response
www.file.io/ 21 KB
9 KB 100ms
100ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:10 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:59 GMT
server: AmazonS3
x-amz-request-id: D9BPXXPPVW6PXC0J
x-amz-cf-pop: FRA56-P5
etag: W/"2b921aab089ea83ec7bb825f970e0b68"
age: 65313
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: -yqUx8kmU7YaGTMW2lEPR24AIwopLa3y-C5CmOorJTNdXDWNkn4jCw==
x-amz-id-2: J80ILegukPctYsPn7W1Dersx1dQXb2t6VYNn71T/2NPxvXyHSNkczShdEHZXL+BsuIHx7oWnWao=

GET
H2 200 6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js Show response
www.file.io/ 24 KB
8 KB 83ms
83ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:10 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:58 GMT
server: AmazonS3
x-amz-request-id: D9BNFGW84G8YWS6Y
x-amz-cf-pop: FRA56-P5
etag: W/"02f76c7d444e6eab701d07bea36dfd50"
age: 65313
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Fdamv_g_K2L7W3e_wKtlPHVUtEoZw044A_jHAcXhlx7DqVKxxHgaqw==
x-amz-id-2: ZN6SyTlXM8PtFPW5tzXEHQi2WNKhSQX8g4xR9DbrF/GB0023GBnW1YRlgN+x5oPYSfAtAI0abzE=

GET
H2 200 component---src-pages-deleted-js-47be80d008d1be58f19d.js Show response
www.file.io/ 12 KB
4 KB 43ms
43ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-deleted-js-47be80d008d1be58f19d.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99d500649dda1858b411e79b0ddbf72bc884b414dc2293ee2503ff6884128a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:12 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:04 GMT
server: AmazonS3
x-amz-request-id: P25Q0P58YSV5JQE9
x-amz-cf-pop: FRA56-P5
etag: W/"deecbc59dd2a7d9cb6bb7152c9b899a2"
age: 65311
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: YBf9ArExj0oh5XvDlS9u7gDWbaZRYCewQ-u-3ahd7Dxf9T-cfaUytA==
x-amz-id-2: oyYiuVQhsdtaJGvqRnpSrWWDBki1OoPLvnOi0BbhA6yiDtVcfxE+KBv6GQlCG/dsBkgeyysDCIc=

GET
H2 200 1655680770.json Show response
www.file.io/page-data/sq/d/ 447 B
913 B 67ms
67ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/sq/d/1655680770.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:02 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: XTEHHHFJAZK3GDXH
x-amz-cf-pop: FRA56-P5
etag: "c839c57483bd5d788408e7fc88e7cc8d"
age: 65141
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 447
x-amz-id-2: OEsQ9czm0dL0m7+sjMifORAVtgN/Ca7d9SG3iLyURNGa1/+43ds0iPa4intDb81/fe8Z+L1vtWE=
x-amz-cf-id: d0QYiWMsDD0xFtUL_YAEQSpmk-HbCpBY2tkDx0Z0LF0V20asTcKR4A==

GET
H2 200 1810866655.json Show response
www.file.io/page-data/sq/d/ 2 KB
860 B 101ms
101ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/sq/d/1810866655.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:00 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: 5V4C885FX8Z4FTFA
x-amz-cf-pop: FRA56-P5
etag: W/"7bb0144e136507cd9bfbaceb72189d09"
age: 65323
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
x-amz-cf-id: q8UZrsXwawOtOLtXoCB-eq60l2Ryi6zuqdeFWrzzr5y1Z1AjQ0fB9A==
x-amz-id-2: LR/Q9HfKQzeJHuImbgPo+wE8499VQJztXsoRz8tYsdIc2KohSopc3DerEsOsKBZhJ5xxJHPLwHI=

GET
H2 200 ads-hodgepodge-ad-b4d620a1679ffb3b3837.js Show response
www.file.io/ 7 KB
3 KB 33ms
33ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/ads-hodgepodge-ad-b4d620a1679ffb3b3837.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6420982539ff72de2168dedd03fc1f343944fd681667aa64dce336064dc26879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:07 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:01 GMT
server: AmazonS3
x-amz-request-id: 4FPMYJJSCSJKHQEA
x-amz-cf-pop: FRA56-P5
etag: W/"0be8ea71b478169e9c47f21818d653f2"
age: 65316
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: rwe1_Cs5XviPw4Qq6tCgNPE6DMot4yXoB1KuCB4FAa2ptyTfC82G7A==
x-amz-id-2: ZY6Q7olI5YQDj+URBTSHfg+nQoOxe8t/1gR7fIMIjhxeEiHbZ6CTgXp9W19Ljk2iSoFrnoho5E0=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 27ms
27ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1674379524&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fdeleted&dp=%2Fdeleted%2F&ul=en-us&de=UTF-8&dt=Deleted%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=841832715&gjid=1024594266&cid=1386907672.1668826662&tid=UA-65658019-1&_gid=870320488.1668826662&_r=1&_slc=1&z=1958607856

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 85ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.file.io
URL: https://www.file.io/ads-hodgepodge-ad-b4d620a1679ffb3b3837.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1396 / 451 of 1000 / last-modified: 1668812924"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Nov 2022 02:57:42 GMT

GET
H2 200 prebid7.18.0.js Show response
www.file.io/scripts/ 163 KB
49 KB 37ms
36ms Script
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/scripts/prebid7.18.0.js
Requested by: Host: www.file.io
URL: https://www.file.io/ads-hodgepodge-ad-b4d620a1679ffb3b3837.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:07 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:12 GMT
server: AmazonS3
x-amz-request-id: 4FPXD8DF3367PWXV
x-amz-cf-pop: FRA56-P5
etag: W/"c488e1001b33af7893c3558f28b0fac8"
age: 65315
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: QW_eYw4gcbFHaw4faDgCLLSAUr2isHvXteRZbKWMGjMn9jqXqtGvDQ==
x-amz-id-2: 8xLreq4D6/iXGChy5R+ei7R4TK6bomLg5EOGEEnxLSZsSlF7Ql7SxreuiC3ImpFErltqkBHiBJU=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=1386907672.1668826662&jid=841832715&gjid=1024594266&_gid=870320488.1668826662&_u=aEBAAEAAAAAAACAAI~&z=1330421376

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 19 Nov 2022 02:57:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 22:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Nov 2023 22:26:53 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 206 B
738 B 95ms
30ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ceb17b76e0b5474ae4b8660522cd60467b1f33121aa5f0ff14503e8826c8c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Sat, 19 Nov 2022 02:57:42 GMT

POST
H/1.1 200
OK hb.php Show response
bid.glass/ad/ 19 B
317 B 505ms
110ms XHR
application/json 64.20.35.44
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.glass/ad/hb.php?src=prebid_prebid_7.18.0
Requested by: Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.20.35.44 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: bid.glass
Software: Apache /
Resource Hash: 6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 19 Nov 2022 02:57:42 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
262 B 178ms
121ms XHR
text/plain 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Sat, 19 Nov 2022 02:57:42 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c5ae10be4d9186-FRA
access-control-allow-methods: POST, GET

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 97ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.file.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
31ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.file.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
13 KB 934ms
893ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2068007738481181&correlator=1489768730393732&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22175459031%2Cfileio-halfpage-gallery-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=2093335146&didk=470317410&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668826662990&lmt=1668761227&dlt=1668826661884&idt=632&adxs=806&adys=328&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=1240x600&msz=300x600&fws=0&ohw=0&ga_vid=1386907672.1668826662&ga_sid=1668826663&ga_hid=1674379524&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47031aeaf5c03dc7cdadd724df0ae198dc8631151bdcf43cfd5167d3913aff47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12891
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file.io
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
35ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0362dfe10745a7661a00a541ef1d413204c30f0fe7e1f73dde821414c746089d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11058
x-xss-protection: 0

GET
H2 200 container.html Show response
cb1762bd1b8587308ba1122c7643b6fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D22 6 KB
3 KB 123ms
29ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb1762bd1b8587308ba1122c7643b6fc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 02:57:43 GMT
expires: Sun, 19 Nov 2023 02:57:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 99ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 02:57:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E315 13 KB
5 KB 68ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 22:15:51 GMT
expires: Sat, 18 Nov 2023 22:15:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03D9 783 B
1 KB 81ms
32ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6d2df6182e4f7eba9d313a70d31cb7796f458903ac9889a452367bdba70ce6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6wLbbXYBBQDLmVA90h9klw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-6wLbbXYBBQDLmVA90h9klw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 02:57:43 GMT
expires: Sat, 19 Nov 2022 02:57:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame E315 36 KB
16 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 03D9 0
0 91ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2068007738481181&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E315 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E0ltqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 1762 221 KB
61 KB 90ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 377331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1762 14 KB
5 KB 123ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 377331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1762 94 KB
28 KB 129ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 377331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1762 5 KB
2 KB 128ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 377331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1762 40 KB
13 KB 135ms
66ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Nov 2022 02:20:47 GMT
age: 2217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 19 Nov 2023 02:20:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1762 6 KB
1 KB 81ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Nov 2022 02:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Nov 2022 02:54:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Nov 2022 02:57:44 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1762 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.file.io
URL: https://www.file.io/deleted/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 62270
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Nov 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1762 295 B
319 B 21ms
21ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file.io
URL: https://www.file.io/deleted/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 23:28:16 GMT
x-content-type-options: nosniff
server: cafe
age: 12567
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Nov 2022 23:28:16 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1762 0
0 67ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjMLEJ0Z4Y6_1BO-89u8Pk8KE4A_-ttS5bcnsjrf4ENGgm-iODhABINS4rwNglQKgAeCB8PgoyAEJqQKXWJ4e81SxPuACAKgDAcgDCqoEggJP0Hj6h8kuIKYpm7jiTGYuP4z7BohdCoTscmyrGRsnWBEaCuv82hvOm0_cJx_qRW4PWZj_s6yEUswerfW4XFgwmvOFYFvV7qVcpM2Y0butf4u6LO6jtNXy6TN_b2bsvMkhrMT9t5LpHnNrMn_FX_HaHF2buPPpZq1yL4Rbe7fzLzUx0YrsbA1qw9gFTpeNKv0gk7xxiNK4XB_94AcB9sQ1dPWmi6Lg0RJK9Ya-MfarRUxCTNOwqg57ki4yEelBTG-1555nVIxJzuAGF3BIxs4b_Gz0PChJ6rzRTljjwJ2S4XZVxLk225jg8uig5HaVC9Y05oFcxBxO9IsXMW8LYIUB7YvABNKg8KiCBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfgucDYA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJWpItIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsBuBPkA9gTDYgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MzM4MjA5OTIxNjEyNTk1GKX0eA&sigh=1MLDYizyIBk&uach_m=[UACH]&cid=CAQSTADq26N9nv-L7btJr65rduQQ0TVl1KXC6bmmdISCjGZ4zZYPy3iaq5P4QmgTc85jhznVzgKHCbO9Egq0QE4V7Auw2MZgv9GHikLYKzMYASAT&template_id=484
Requested by: Host: www.file.io
URL: https://www.file.io/deleted/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/16723622899875402000/ Frame 1762 50 KB
50 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16723622899875402000/2076313506083323656

Requested by

Host: www.file.io
URL: https://www.file.io/deleted/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbb5c76f45e4cc600ba9bbccbad5b8e2193bb7c101dcc4dab36499478377f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 09:14:52 GMT
x-content-type-options: nosniff
age: 63771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50973
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:33:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 09:14:52 GMT

GET
DATA 200
OK truncated
/ Frame 1762 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1762 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46bc770db09042c7e17688f33552c3d1f806fee69c881e895eb492822aa88912

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2068007738481181&bg=!JSalJmLNAAbvMpMzzzI7ACkAdvg8Wt1LfDmgYDxK0-J-bswJZbfZvP0IKQya5hgfoXi9i0TNaydBTQIAAABZUgAAAAJoAQeZAptb4y1RpB0SdTkIvINocUgAzUoRJTo3iObJOgTDqi7X2FCyczZq5JEg4amjmHHZUR7ddNwJ6YMddgG0ddT1rnkVCpXQD967l4ae5NHcNHOBtOxlLx4s-ri0Jv-shml2Dm5o36GUfiAqbY7_jd9Nzl-AoLW-7fUM3gafWDOpZPf69KJlfh8RMNRfCR1rkY73NpTtWqkg2THri0kFsZRUgIzMWi7MEQ0K0qelQZpjFL_n2qSwprCcigTmPqFwqf4pvarBhmgLHgMejbawSGSAeIYrld6I4JBgaMkF_HWMKj5PcO3IdxBYD1JJ25hd5k7Bp7u9cpRNOHEhNUmDMeNkdINzGBLYbMQzJU-HYgxD3d1cyN7HUsxiDduYpGtemKPC2HMlFDpUyIS0v4tx_llDuasjLVIigLzEv4cJ_xHRoYKxOlQ7I77m-JetRXuXScwhZxr4ydJ0wLwmQN3HpbgeNuONR1t_cLsu1_DTlz0ITQtbztu7W-4rEKIPRebmAcORjcLtBDMSP-EAS6tkCfQeOY-Xrmy6sIaMUzOq-0d6zENSieKgJetGNcVb0ldBiCKvsNEdTpc6U3zRofFSnZogNJK77vjOR4C63ji7V8nQPucpEllNzk6To0kK0x8AWXTclFWf71sMFyWjI1NvPWGUKzklbiYilikVxBd_gVa-37d9hpRYvhoYMuoMYtaAwrvQoWtajK2Z4argGAByn1ruZpzU4BXYm6U8Z2ztMLQWml7KZbGWUPlwaFDM1xZpd8sp5y7LE4KA5M_WQSdAo-X8Hkv0v598X--ETyBv0bkUy5tRK9DXl4Y460AKnsDZTjgDnUuCgDDmbz_MkD22RCt1eDk5rqWRHVGj61InJ4S-Df1mQz0SmMnkQ4jzfcdU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1762 15 KB
16 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 78495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:09:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1762 15 KB
15 KB 74ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 23724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 20:22:20 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1762 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVcgqLmoarjshgXtwHv98CYbiWe4sYRVLDjOAoB46ZNLX4R0i9QrMiU5bNndWvkW8wTj8-GkaTMm5WKRtMuKlO4RYLm8chAV_rhQERg7zGPSCtQkw1rO3MQJKQfsPRx8XZpLF84w&sai=AMfl-YT58jty5G0kRVjQkr0ZYCTiQ4lDx46IZSw-sEN043fkARiiOjr2w1gEFl5E6i_s2zBj_1zoyl_mTz3mgRnD9xtWgFbtY-Km_82o8vAVyJdm0voe8gD2YArOCrPALNy_iOL1WXopvt2TqS9EAv_g&sig=Cg0ArKJSzAwWS2dZ49BOEAE&cid=CAQSTADq26N9nv-L7btJr65rduQQ0TVl1KXC6bmmdISCjGZ4zZYPy3iaq5P4QmgTc85jhznVzgKHCbO9Egq0QE4V7Auw2MZgv9GHikLYKzMYASAT&id=ampim&o=806,328&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=207&tls=1208&g=100&h=100&tt=1208&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page-data.json
www.file.io/page-data/plans/ 0
607 B 171ms
170ms Other
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/plans/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34TKV4W00SXAWHQ
x-amz-cf-pop: FRA56-P5
etag: "1022652c2bef86b84cb16cd11c50b2ca"
age: 65136
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 141
x-amz-id-2: yDKWOK34sWVKcdbkZ13GtNmxUpXJ0aMAVraSQRnhHX12rYSUFz6A3L4KcvcRmXA1TcIvURbkhyA=
x-amz-cf-id: CqSsoSLojFb3GBC7UGcWRf-fmSa4qifIEpPXxKU2GC3ym_lQ8pRGow==

GET
H2 200 page-data.json
www.file.io/page-data/about/ 0
611 B 37ms
36ms Other
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/about/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:41 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: 49ATAM99HJ4F1MCZ
x-amz-cf-pop: FRA56-P5
etag: "cfb91ae7cd0473e276a9361907a683fc"
age: 65104
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 147
x-amz-id-2: cxV/i7s33KtSe9/MUW8RGpQ8a1MVuW3b0jo2jVSENMRwlVx17+WW7CgnFKJ9R5nDHrApRaLMfK0=
x-amz-cf-id: ZhLf4ddVhdiCUd2c9QhWpuqLWi8AyuDqc3_cjqMI2QVaxm578STsMA==

GET
H2 200 page-data.json
www.file.io/page-data/signup/ 0
605 B 37ms
37ms Other
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/signup/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34G04VJVZHT57ZG
x-amz-cf-pop: FRA56-P5
etag: "68baf9ac2f5dcaef64744f1f45d71de0"
age: 65136
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 137
x-amz-id-2: 24AmI4j1UEnfo3MaGdBzQY8SKyyqDei8SRCrAiF+xp/bvhx4U51d8ge/lhl2SdFXZjiTq7oI55g=
x-amz-cf-id: jENDDaf7aSoRiqV3--Qsm7c3fCEld4InOHXRZXTdSjLJ64IBlTgfGQ==

GET
H2 200 page-data.json
www.file.io/page-data/developers/ 0
640 B 35ms
35ms Other
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/developers/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:41 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: 49AYTFTWG9PRVX75
x-amz-cf-pop: FRA56-P5
etag: "d7bc956a5292f7440e9ca53e421dd579"
age: 65104
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 163
x-amz-id-2: sgClGiKaNg1p0a2rSCczYYWPTBkYnyPUISh5r+oLZR5KqW8bDp+gD1l1UPJN3NQV1nC4qzuqv2wBEpnWqJLKxg==
x-amz-cf-id: rE1UjgA6j9DaLoouZDoUuoPaG5vtD_afAsW2xMJPN1JX5j7Sna4AOg==

GET
H2 200 page-data.json Show response
www.file.io/page-data/developers/ 163 B
641 B 34ms
34ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/developers/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:41 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: 49AYTFTWG9PRVX75
x-amz-cf-pop: FRA56-P5
etag: "d7bc956a5292f7440e9ca53e421dd579"
age: 65104
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 163
x-amz-id-2: sgClGiKaNg1p0a2rSCczYYWPTBkYnyPUISh5r+oLZR5KqW8bDp+gD1l1UPJN3NQV1nC4qzuqv2wBEpnWqJLKxg==
x-amz-cf-id: 8fh8HoLjqFlYH2O79TXCgn1pUiWeH3V8IMIi5adVcDQCmbW-RRL-3Q==

GET
H2 200 page-data.json Show response
www.file.io/page-data/about/ 147 B
611 B 33ms
33ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/about/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:41 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: 49ATAM99HJ4F1MCZ
x-amz-cf-pop: FRA56-P5
etag: "cfb91ae7cd0473e276a9361907a683fc"
age: 65104
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 147
x-amz-id-2: cxV/i7s33KtSe9/MUW8RGpQ8a1MVuW3b0jo2jVSENMRwlVx17+WW7CgnFKJ9R5nDHrApRaLMfK0=
x-amz-cf-id: vcwsPYiWgCt1uVv5cW2n5uQIa44jl8OrMleCq-_6yCPG4fOe6CK71w==

GET
H2 200 page-data.json Show response
www.file.io/page-data/signup/ 137 B
605 B 48ms
48ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/signup/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34G04VJVZHT57ZG
x-amz-cf-pop: FRA56-P5
etag: "68baf9ac2f5dcaef64744f1f45d71de0"
age: 65136
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 137
x-amz-id-2: 24AmI4j1UEnfo3MaGdBzQY8SKyyqDei8SRCrAiF+xp/bvhx4U51d8ge/lhl2SdFXZjiTq7oI55g=
x-amz-cf-id: RZqJYB1j6CiqbO9TIUfkcX8vBfhwoSaGM1x5mpCZbH8rLEhNDPeaLQ==

GET
H2 200 component---src-pages-about-js-e796be312b3f5a0e66a9.js
www.file.io/ 0
1 KB 35ms
35ms Other
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-about-js-e796be312b3f5a0e66a9.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:18 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:03 GMT
server: AmazonS3
x-amz-request-id: GBJZ9NRRM849XXE6
x-amz-cf-pop: FRA56-P5
etag: W/"9bb0618c91746ad73fe92abe83c168d2"
age: 65308
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: CcM34qfg4AdvaUicgJjtDV6e1UR5XtZINHyTieCFxzKRq4Ej9tdShw==
x-amz-id-2: QM9TxYjfhe3Q71ur59ZRdBdg+fqUYL+IyH/xnfkiAnpAxy6eUht6r0wzUNLtyPdgkxMpeLF78kg=

GET
H2 200 component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
www.file.io/ 0
169 KB 38ms
38ms Other
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:19 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:04 GMT
server: AmazonS3
x-amz-request-id: HA6WKKXAY445AVXF
x-amz-cf-pop: FRA56-P5
etag: W/"80a59b6f64d0402abb9842573879e8fb"
age: 65307
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 5QEyrbV6E_Ho-k8ThUOvIhFxhFsJ8p2bonFKaMkGUiT9Z6rtagbE0A==
x-amz-id-2: +Vs+HsjMRayVTfqp27xJNI9jx7C/lQvMycHfhJDLm7aHap29y0g5sEVOYbiZDSpkvoH9Qv4hBOo=

GET
H2 200 component---src-pages-signup-js-6276362a910cd31f83ca.js
www.file.io/ 0
7 KB 44ms
44ms Other
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-signup-js-6276362a910cd31f83ca.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:18 GMT
content-encoding: br
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:07 GMT
server: AmazonS3
x-amz-request-id: GBJTYV2915KMKJTG
x-amz-cf-pop: FRA56-P5
etag: W/"f532f8654ef9d6e2ccba95d194e45cc2"
age: 65308
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: rVxvGp9v7wDFVNRZRh8AIaoIY-0eZw-4jQxLTdHz49S7btNCPNNkyA==
x-amz-id-2: YC/BlQpXjVzktRCTEvcp7KMht0irW1Q0UXz4SOz8dr1h2nuvyLTS3l/WvxVxVTQ4fvBA2oeA5vU=

GET
H2 200 page-data.json Show response
www.file.io/page-data/plans/ 141 B
607 B 35ms
34ms XHR
application/json 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/plans/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34TKV4W00SXAWHQ
x-amz-cf-pop: FRA56-P5
etag: "1022652c2bef86b84cb16cd11c50b2ca"
age: 65136
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 141
x-amz-id-2: yDKWOK34sWVKcdbkZ13GtNmxUpXJ0aMAVraSQRnhHX12rYSUFz6A3L4KcvcRmXA1TcIvURbkhyA=
x-amz-cf-id: C5IG7cDtt1VtIiq11YfEJQ5FrbeYzo8Uyy55EIuyINDH41iJebQFZQ==

GET
H2 200 component---src-pages-plans-index-js-4d7d70651af058699199.js
www.file.io/ 0
940 B 34ms
34ms Other
application/javascript 18.66.112.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-plans-index-js-4d7d70651af058699199.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:03:07 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:06 GMT
server: AmazonS3
x-amz-request-id: W50E70KJEZD5YMTB
x-amz-cf-pop: FRA56-P5
etag: "66b96715a5faba1158fa14385302dc0f"
age: 46479
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 473
x-amz-id-2: hG8nZwAh4GxWJypvRJ28PIyDYYyPaRiMHK4M+CWQ1qn3k+2uVlnQtMk9Vy4x2wpa5YzITYIQF6o=
x-amz-cf-id: 6s5SZSk5cfze85XsOevSaLFIEg1Oy86bBsV4pAshbqMPKwqN58Td2A==

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 1814 4 KB
1 KB 121ms
112ms Document
text/html 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 933a4741c923a7486c1a88f33f8108d71d61061d6016d5d9a2940ef21b49b439

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76c5ae2668219186-FRA
content-encoding: gzip
content-type: text/html
date: Sat, 19 Nov 2022 02:57:46 GMT
server: cloudflare

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1814
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=e1ded7bb-8e18-5243-8bc7-4575e8bf035f

43 B
94 B

108ms
107ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e1ded7bb-8e18-5243-8bc7-4575e8bf035f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c5ae2aac9d9186-FRA
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e1ded7bb-8e18-5243-8bc7-4575e8bf035f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 1814 0
282 B 94ms
28ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 19 Nov 2022 02:57:46 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1814
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8754259124876196755

43 B
105 B

110ms
110ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8754259124876196755
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c5ae296b689186-FRA
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 02:57:46 GMT
AN-X-Request-Uuid: 70e88818-2219-47f9-9ae9-eae636820ffd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8754259124876196755
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 1814 0
35 B 113ms
23ms Image
text/plain 3.120.168.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.168.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-168-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1814
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://ce.lijit.com/merge?pid=279534&3pid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ce.lijit.com/merge?pid=279534&3pid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FrNRsRZHXm4KmpfVS4CYg_2A&r=Cid1YS1mYjhmZjg0ZS00MzZjLTNiMjgtYmM2Ni1mNmUyNzBhNzg4MTkqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG...
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819

43 B
117 B

110ms
110ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c5ae2fbad19186-FRA
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-fb8ff84e-436c-3b28-bc66-f6e270a78819
pragma: no-cache
date: Sat, 19 Nov 2022 02:57:47 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 1814 0
241 B 76ms
20ms Image
text/plain 2600:9000:2057:8e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
cache-control: no-cache, must-revalidate
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uPZuj1P41-IOUGyv-WV4h_rIkv1U-5HkyyW5X2kowiMEXoDY2MAhcw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1814
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
94 B

111ms
111ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c5ae296b6c9186-FRA
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 19 Nov 2022 02:57:46 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Sat, 19 Nov 2022 02:57:46 GMT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 1814 43 B
1 KB 84ms
28ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 19 Nov 2022 02:57:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1814
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nsiO97JE2uECdVsCTpbd8IoYcXfZH.4zqJgtfqA-~A

43 B
94 B

108ms
107ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nsiO97JE2uECdVsCTpbd8IoYcXfZH.4zqJgtfqA-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c5ae297b7b9186-FRA
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nsiO97JE2uECdVsCTpbd8IoYcXfZH.4zqJgtfqA-~A
date: Sat, 19 Nov 2022 02:57:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame E44F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
1 KB

65ms
43ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48345cf9318d7f9d94f0d25af1b2698f318ec10f3a2b93ad6a982fbf1af0ba44

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76c5ae29886e693d-FRA
content-encoding: br
content-type: text/html
date: Sat, 19 Nov 2022 02:57:46 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWDqXaFfovq4e%2F3u27mH2fOcFTj%2Fd2zRFCmfFZwV3gkrrAzHUbcmyOsl4G0VGh1B0Dc%2FXnex9jYLgeWiLF6NW%2BTfyYBeRgDX8r%2F8No11vQkfbJnHC3yXxrTM0hYs%2FMln6ob58NslcPiCGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76c5ae2918bf91f6-FRA
content-length: 0
date: Sat, 19 Nov 2022 02:57:46 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B3B5CCabsdyV4SA13WDntLUKTc5wJR2QQu5TNuDsL2U%2FIjuxWn4dQaPmlg1pGuWx5rwQ7yOsHXMAu2EP3lBv2WdEp5jEzHLFhous59uOyHEXyutg4J5im6FTKbRWtvmeGdpTofcdkMp5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame BF7F 0
0 110ms
27ms Document
text/plain 213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FAE9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
554 B

184ms
21ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 19 Nov 2022 02:57:46 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 19 Nov 2022 02:57:46 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EF96 15 KB
6 KB 91ms
23ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=80691
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 02:57:46 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 20 Nov 2022 01:22:37 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame BF43 0
0 77ms
21ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame EF96 3 KB
3 KB 166ms
28ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15974683&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 30ae93cb48c827154a3bbaa34ed64f32936cdeacec8d582d1af14352dddeb997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 02:57:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E44F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB&dcc=t

43 B
855 B

131ms
131ms

Image
image/gif

52.46.130.91

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 02:57:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7E6865E001FFT92B7RDE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 02:57:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0135TXS29F68HZTKRT7B
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame E44F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIlh5zL2xKuFFfhQDUGgCpE&google_cver=1

43 B
846 B

40ms
40ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIlh5zL2xKuFFfhQDUGgCpE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHREz96DiEQWzzvXNK1V%2BS05pz69p6MfNwBEhekvZYvbgt1hgrx8mJjzSN6bpLY56Za4aj5v3UefoWfKdc2%2BppDHRKJNH2zSRG3nY1mAFEWgGYJKM8S%2BoMtqmW0lT2dV%2FwRj0Gla6xdbvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76c5ae2b1a7d693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIlh5zL2xKuFFfhQDUGgCpE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E44F 70 B
264 B 508ms
52ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Nov 2022 02:57:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E44F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3hGKpFyRtnXy8ZHTOvO3wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAbvLFOE9Zqq-VgjawU89GM&google_cver=1

43 B
766 B

25ms
25ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAbvLFOE9Zqq-VgjawU89GM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 02:57:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAbvLFOE9Zqq-VgjawU89GM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E44F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7565702440851564940&expiration=1670036266

43 B
766 B

328ms
23ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7565702440851564940&expiration=1670036266
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 02:57:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7565702440851564940&expiration=1670036266
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E44F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3hGKpFyRtnXy8ZHTOvO3wAA%265153?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3hGKpFyRtnXy8ZHTOvO3wAA%265153

42 B
942 B

110ms
110ms

Image
image/gif

99.81.119.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3hGKpFyRtnXy8ZHTOvO3wAA%265153

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

99.81.119.147 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-00d737c39.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vVy1f6BGS4o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cJfK+ZPyRPg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3hGKpFyRtnXy8ZHTOvO3wAA%265153
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

rum
dsum.casalemedia.com/ Frame E44F
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668913067

43 B
875 B

90ms
36ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668913067
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpuWzl4lPCuVuqmtfkwMXvWSCJJRLmA0S5Pl3feZetZItUdFlS8h54uxdVsqlUon9zjOhyg%2Fuu%2B8nE69V6M5mNSk%2BWDIqOtHvvTlDasgHTtLm%2B7%2BHxc9onf24qkqs64Pi68pp38X"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76c5ae2e08a9bbad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1668913067
pragma: no-cache
date: Sat, 19 Nov 2022 02:57:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame E44F 42 B
181 B 508ms
51ms Image
image/gif 2a05:d018:cc3:fe05:9d2d:6adc:d56f:1d9c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:9d2d:6adc:d56f:1d9c -, , ASN (),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:47 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 setuid
sync.quantumdex.io/ Frame E44F 43 B
94 B 111ms
111ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Y3hGKpFyRtnXy8ZHTOvO3wAAFCEAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c5ae2a5c339186-FRA
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FAE9 34 KB
10 KB 22ms
21ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 63088459cdc3ca0401e4f47e6c13d3bac93568003c375f0a55dcff87e43d2e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 19 Nov 2022 02:57:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Nov 2022 08:05:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18432
Connection: keep-alive
Content-Length: 10070
Expires: Sat, 19 Nov 2022 08:04:58 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 5FEE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent=

35 B
467 B

34ms
33ms

Document
image/gif

37.157.6.233

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sat, 19 Nov 2022 02:57:46 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sat, 19 Nov 2022 02:57:46 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8502
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7660595833176703082

42 B
274 B

28ms
28ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7660595833176703082
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 02:57:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7660595833176703082
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6096
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bcb66378-462b-4500-bea4-170b3a916374&gdpr=0&gdpr_consent=

568 B
642 B

28ms
28ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bcb66378-462b-4500-bea4-170b3a916374&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 02:57:45 GMT
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 19 Nov 2022 02:57:47 GMT
Expires: Sat, 19 Nov 2022 02:57:46 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 169 32252b7 master cdg-pixel-x27 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bcb66378-462b-4500-bea4-170b3a916374&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E5C6 43 B
363 B 470ms
34ms Document
image/gif 178.250.0.163

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 02:57:46 GMT
expires: Sat, 19 Nov 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 494516
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 58A9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23612573-03D1-440F-B1EC-750A4710DA3B&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23612573-03D1-440F-B1EC-750A4710DA3B&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

201ms
201ms

Document
image/gif

54.239.33.158

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23612573-03D1-440F-B1EC-750A4710DA3B&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.158 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 19 Nov 2022 02:57:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TQB19TRS47EHWSCBJCT5

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 19 Nov 2022 02:57:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23612573-03D1-440F-B1EC-750A4710DA3B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: Y7WWEZGWQKJMPR4FZRV2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1608
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8754259124876196755&gdpr=0&gdpr_consent=

42 B
448 B

437ms
26ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8754259124876196755&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 02:57:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 865da4f0-3322-4e01-843f-d901ba4fba6f
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 19 Nov 2022 02:57:46 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8754259124876196755&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 setuid Show response
sync.quantumdex.io/ Frame C126 43 B
94 B 113ms
112ms Document
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=23612573-03D1-440F-B1EC-750A4710DA3B
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76c5ae2a8c7c9186-FRA
content-length: 43
content-type: image/gif
date: Sat, 19 Nov 2022 02:57:46 GMT
server: cloudflare

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I2ElcwPRRA-x7HUKRxDaOw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

24ms
23ms

Image
text/html

88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=80691
accept-ranges: bytes
content-length: 5549
expires: Sun, 20 Nov 2022 01:22:37 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame EF96
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e07f6378-462b-4800-b3ca-ef8f6988bb7b

0
260 B

214ms
27ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e07f6378-462b-4800-b3ca-ef8f6988bb7b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 19 Nov 2022 02:57:47 GMT
Server: MT3 169 32252b7 master cdg-pixel-x32 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e07f6378-462b-4800-b3ca-ef8f6988bb7b
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 19 Nov 2022 02:57:46 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame EF96
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=23612573-03D1-440F-B1EC-750A4710DA3B&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

47ms
47ms

Image
image/gif

15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Nov 2022 02:57:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame EF96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjM2MTI1NzMtMDNEMS00NDBGLUIxRUMtNzUwQTQ3MTBEQTNC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
237 B

370ms
26ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 02:57:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

502

Pug
image2.pubmatic.com/AdServer/ Frame EF96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiWnMkyavFrc9ZpcvAlq9w&google_cver=1

0
0

369ms
26ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiWnMkyavFrc9ZpcvAlq9w&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiWnMkyavFrc9ZpcvAlq9w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame EF96 43 B
610 B 450ms
30ms Image
image/gif 34.91.62.186

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 02:57:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 18 Nov 2022 02:57:47 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame EF96
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1126726086101740331

42 B
217 B

332ms
26ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1126726086101740331
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 02:57:46 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:57:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1126726086101740331
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame EF96 70 B
265 B 473ms
50ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Nov 2022 02:57:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FAE9 284 B
536 B 457ms
28ms Image
image/jpg 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file.io/	1970-01-20 17:09:46	Name: _ga Value: GA1.2.1386907672.1668826662
.file.io/	1970-01-20 07:35:13	Name: _gid Value: GA1.2.870320488.1668826662
.file.io/	1970-01-20 07:33:46	Name: _gat Value: 1
.quantumdex.io/	1970-01-20 07:48:10	Name: uid Value: e3a5d500-3fdc-49d2-8bfb-6f277df06028
.file.io/	1970-01-20 16:55:22	Name: __gads Value: ID=a851243ef08dc39e:T=1668826663:S=ALNI_MYqm-AlqElQ9M7ZxGHPwvEx1wGAgw
.file.io/	1970-01-20 16:55:22	Name: __gpi Value: UID=00000b83f7ff84a3:T=1668826663:RT=1668826663:S=ALNI_Mapt_FF0WesE_hw0eefJtLVYndhNw
.doubleclick.net/	1970-01-20 16:55:22	Name: IDE Value: AHWqTUnwgPtzHwO0Nnhf9O2P1R4Dr0DD9R6tZaC4OruE8sx8H07v1yiJdNMp5FDC5wY
.adnxs.com/	1970-01-20 09:43:22	Name: uuid2 Value: 8754259124876196755
.id5-sync.com/	1970-01-20 07:33:46	Name: cf Value:
.id5-sync.com/	1970-01-20 07:33:46	Name: cip Value:
.id5-sync.com/	1970-01-20 07:33:46	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:33:46	Name: car Value:
.id5-sync.com/	1970-01-20 07:33:46	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:33:46	Name: callback Value:
.yahoo.com/	1970-01-20 16:19:44	Name: A3 Value: d=AQABBCpGeGMCEP1qOhLB3t4aQ941eX3plZoFEgEBAQGXeWOCYwAAAAAA_eMAAA&S=AQAAAnYkGJQ9a_CIAmCk8tR1zsA
.casalemedia.com/	1970-01-20 16:19:22	Name: CMID Value: Y3hGKpFyRtnXy8ZHTOvO3wAA
.casalemedia.com/	1970-01-20 09:43:22	Name: CMPS Value: 5153
.casalemedia.com/	1970-01-20 09:43:22	Name: CMPRO Value: 5153
.ads.pubmatic.com/	1970-01-20 07:35:13	Name: KCCH Value: YES
.media.net/	1970-01-20 16:19:22	Name: data-pbs Value: setstatuscode~~1
.analytics.yahoo.com/	1970-01-20 16:19:22	Name: IDSYNC Value: 192w~28de
.pubmatic.com/	1970-01-20 09:43:22	Name: KADUSERCOOKIE Value: 23612573-03D1-440F-B1EC-750A4710DA3B
.pubmatic.com/	1970-01-20 09:43:22	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 07:35:13	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 09:43:22	Name: DPSync3 Value: 1670025600%3A201_197_219%7C1668902400%3A174
.pubmatic.com/	1970-01-20 09:43:22	Name: SyncRTB3 Value: 1670025600%3A251_3_220_13_161_7_56_54_21%7C1670112000%3A35
.betweendigital.com/	1970-01-20 16:19:22	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 16:19:22	Name: tuuid Value: e1ded7bb-8e18-5243-8bc7-4575e8bf035f
.betweendigital.com/	1970-01-20 16:19:22	Name: ss Value: 1
.betweendigital.com/	1970-01-20 16:19:22	Name: ut Value: Y3hGKgAKuhgRfQMABpX4qyP2C_0EvUBKI9OwbA==
.adform.net/	1970-01-20 08:16:58	Name: C Value: 1
.adform.net/	1970-01-20 09:00:10	Name: uid Value: 1126726086101740331
.casalemedia.com/	1970-01-20 09:43:22	Name: CMTS Value: 3175
.disqus.com/	1970-01-20 16:19:22	Name: zeta-ssp-user-id Value: ua-fb8ff84e-436c-3b28-bc66-f6e270a78819

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiWnMkyavFrc9ZpcvAlq9w&google_cver=1 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bcb66378-462b-4500-bea4-170b3a916374&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
bid.glass
c1.adform.net
casale-match.dotomi.com
cb1762bd1b8587308ba1122c7643b6fc.safeframe.googlesyndication.com
cdn.ampproject.org
ce.lijit.com
cm.g.doubleclick.net
d.adroll.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
file.io
fonts.googleapis.com
fonts.gstatic.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.onaudience.com
s.ad.smaato.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssp.disqus.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.mathtag.com
sync.quantumdex.io
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
141.94.171.214
142.250.185.162
15.197.193.217
162.19.138.119
172.64.154.237
178.250.0.163
18.66.112.123
185.29.134.244
185.64.189.110
185.80.39.216
188.42.196.115
198.47.127.19
198.47.127.20
2.19.35.65
213.155.156.167
213.19.147.44
216.52.2.19
216.52.2.30
23.205.235.133
2600:9000:2057:8e00:1b:5138:8a40:93a1
2606:4700:10::6816:2560
2a00:1450:4001:809::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:fa8:8806:12::1370
2a05:d018:cc3:fe05:9d2d:6adc:d56f:1d9c
3.120.168.177
3.126.56.137
3.213.81.213
34.91.62.186
37.157.6.233
37.252.171.53
51.38.120.206
52.20.203.237
52.46.130.91
54.239.33.158
64.20.35.44
69.173.144.139
88.221.168.201
95.101.200.23
99.81.119.147
0362dfe10745a7661a00a541ef1d413204c30f0fe7e1f73dde821414c746089d
11e185c59e68173bb11c38327d38a40c91e9aff8d660c2c83e2e27ba20a604e8
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd
30ae93cb48c827154a3bbaa34ed64f32936cdeacec8d582d1af14352dddeb997
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46bc770db09042c7e17688f33552c3d1f806fee69c881e895eb492822aa88912
47031aeaf5c03dc7cdadd724df0ae198dc8631151bdcf43cfd5167d3913aff47
48345cf9318d7f9d94f0d25af1b2698f318ec10f3a2b93ad6a982fbf1af0ba44
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63088459cdc3ca0401e4f47e6c13d3bac93568003c375f0a55dcff87e43d2e40
6420982539ff72de2168dedd03fc1f343944fd681667aa64dce336064dc26879
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5
6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
8b35556698e4334e4bf32a5fdc75df1c85fa5a30891fe80593e269f109cf3139
8cbb5c76f45e4cc600ba9bbccbad5b8e2193bb7c101dcc4dab36499478377f7f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
933a4741c923a7486c1a88f33f8108d71d61061d6016d5d9a2940ef21b49b439
99d500649dda1858b411e79b0ddbf72bc884b414dc2293ee2503ff6884128a40
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9ceb17b76e0b5474ae4b8660522cd60467b1f33121aa5f0ff14503e8826c8c3a
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
ce0b791928e69822c986829aedb5dc76879a3ceec12866ea3b025220c3773d43
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d2df6182e4f7eba9d313a70d31cb7796f458903ac9889a452367bdba70ce6a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
ec6d5a5b2870c8eafd9b757bddb1207380592474611b07fa97839c94a4667ff1
ed36418f7bd0d9e901adfdfbfc7d9b1ff41c623c04152c8d884c4d67efa634d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.file.io Open in urlscan Pro 18.66.112.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

84 %HTTPS

31 %IPv6

37 Domains

54 Subdomains

37 IPs

6 Countries

1472 kBTransfer

3234 kBSize

34 Cookies

7 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file.io Open in urlscan Pro
18.66.112.123 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

84 %
HTTPS

31 %
IPv6

37
Domains

54
Subdomains

37
IPs

6
Countries

1472 kB
Transfer

3234 kB
Size

34
Cookies

107 HTTP transactions
2 data transactions