www.file.io Open in urlscan Pro
18.66.112.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://file.io/usK7mT976RGx
Effective URL:
https://www.file.io/deleted
Submission: On November 19 via manual (November 19th 2022, 4:40:09 am UTC) from US — Scanned from DE

Summary HTTP 106 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 38 IPs in 11 countries across 37 domains to perform 106 HTTP transactions. The main IP is 18.66.112.21, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon on February 24th 2022. Valid for: a year.

This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.233.226.104 34.233.226.104	14618 (AMAZON-AES) (AMAZON-AES)
32	18.66.112.21 18.66.112.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	64.20.35.44 64.20.35.44	19318 (IS-AS-1) (IS-AS-1)
9	2606:4700:10:... 2606:4700:10::6816:2560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 2	188.42.189.230 188.42.189.230	7979 (SERVERS-COM) (SERVERS-COM)
1	216.52.2.19 216.52.2.19	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.74.96.248 3.74.96.248	16509 (AMAZON-02) (AMAZON-02)
3 3	34.199.85.163 34.199.85.163	14618 (AMAZON-AES) (AMAZON-AES)
1 1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2 2	72.251.249.14 72.251.249.14	() ()
1	2600:9000:20e... 2600:9000:20eb:e600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 3	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
2 2	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
106	38

1 34.233.226.104 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-226-104.compute-1.amazonaws.com

file.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.66.112.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-21.fra56.r.cloudfront.net

www.file.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.20.35.44 (United States)

ASN19318 (IS-AS-1, US)
PTR: bid.glass

bid.glass	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e3c022f1964b8eb3de746a3121080f0d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.189.230 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.96.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-96-248.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.199.85.163 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-85-163.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (None, ) 2 redirects

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.24 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.148.16 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	file.io 1 redirects file.io — Cisco Umbrella Rank: 541458 www.file.io	860 KB
11	googlesyndication.com e3c022f1964b8eb3de746a3121080f0d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	45 KB
11	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	145 KB
10	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 458 image6.pubmatic.com — Cisco Umbrella Rank: 662 image2.pubmatic.com — Cisco Umbrella Rank: 882 simage2.pubmatic.com — Cisco Umbrella Rank: 671 image4.pubmatic.com — Cisco Umbrella Rank: 822	27 KB
9	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	8 KB
9	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 11251 sync.quantumdex.io — Cisco Umbrella Rank: 4125	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	109 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 582	2 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 279 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915	3 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 544	11 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 209 secure.adnxs.com — Cisco Umbrella Rank: 426	4 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 446	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	793 B
3	disqus.com 3 redirects ssp.disqus.com — Cisco Umbrella Rank: 1589	1 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 599 ce.lijit.com	2 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4495	562 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 280	546 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1902	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 752	612 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3206	419 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 631	363 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 615	506 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 2180	420 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 723
1	unrulymedia.com usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2723
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 479	1 KB
1	media.net 1 redirects hbx.media.net — Cisco Umbrella Rank: 1126	450 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 661	240 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 881	354 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 498	35 B
1	gstatic.com fonts.gstatic.com	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8709	792 B
1	bid.glass bid.glass	317 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	27 KB
106	37

	Domain	Requested by
32	www.file.io	www.file.io
8	sync.quantumdex.io	www.file.io sync.quantumdex.io ssum-sec.casalemedia.com ads.pubmatic.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	cm.g.doubleclick.net	5 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.file.io
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.file.io
3	simage2.pubmatic.com	ads.pubmatic.com
3	image2.pubmatic.com	ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	match.adsrvr.org	ssum-sec.casalemedia.com ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	ssp.disqus.com	3 redirects
3	ib.adnxs.com	3 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
2	eus.rubiconproject.com	sync.quantumdex.io eus.rubiconproject.com
2	ups.analytics.yahoo.com	2 redirects
2	ce.lijit.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	www.file.io www.google-analytics.com
1	um.simpli.fi	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cms.quantserve.com	1 redirects
1	secure.adnxs.com	1 redirects
1	s.company-target.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	onetag-sys.com	sync.quantumdex.io
1	secure-assets.rubiconproject.com	1 redirects
1	usermatch.targeting.unrulymedia.com	sync.quantumdex.io
1	id5-sync.com	sync.quantumdex.io
1	hbx.media.net	1 redirects
1	s.ad.smaato.net	sync.quantumdex.io
1	prebid.a-mo.net	1 redirects
1	match.sharethrough.com	sync.quantumdex.io
1	ap.lijit.com	sync.quantumdex.io
1	googleads.g.doubleclick.net	www.file.io
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	e3c022f1964b8eb3de746a3121080f0d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	useast.quantumdex.io	www.file.io
1	bid.glass	www.file.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	www.file.io
1	file.io	1 redirects
106	55

This site contains links to these domains. Also see Links.

Domain
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com

Subject Issuer	Validity	Valid
*.file.io Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.onezo.bid.glass R3	`2022-10-02` - `2022-12-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.file.io/deleted
Frame ID: C0EF3EC6497C53DD365BDD7E0C7C0E80
Requests: 46 HTTP requests in this frame

Frame: https://e3c022f1964b8eb3de746a3121080f0d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 33273B3699837F1ADF51457B57911361
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D1DAC23BEC717BB1FBE272DAC0FCB79F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9858F00CB392BCA187C1C6F34E685A0F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 697F633CAE59B8AC88036D916BF32C67
Requests: 14 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 3D180A05E251738D0AE936654D93E600
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 7D1B5A3889B9E3B6EA8F981FF90A586C
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: C06C79FC53AC8B6F8F3E9EA6BCDCCB9C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: D27D122B9388367972B12A0029DD8B01
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 045E4745A9E4CC65A704F20D1DA98814
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C62244FBCC18F20A833B18EE73AFDD7D
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent=
Frame ID: 8305309A9723364C472DEED92884050D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8528085394414406462
Frame ID: 6455BBF0BAC47544F630FAA9557D84DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62536378-5e27-4f00-8a41-d113cfef3d0c&gdpr=0&gdpr_consent=
Frame ID: 145F92B007A57107128BAAC72166DE29
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 11F28109F1C4CC4D1797A1A32A7C03F1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=70D873BF-E45D-4394-ABF1-722DB16A56F2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2DE98E28317F86F6E47161DC26B8310E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2917598791516013547&gdpr=0&gdpr_consent=
Frame ID: 25092A171E5FF42003495513E0481BA3
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=70D873BF-E45D-4394-ABF1-722DB16A56F2
Frame ID: FDCB7459801590A91F10EF07DBD1F942
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deleted | file.io

Page URL History Show full URLs

https://file.io/usK7mT976RGx HTTP 302
https://www.file.io/deleted Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

106
Requests

82 %
HTTPS

30 %
IPv6

37
Domains

55
Subdomains

38
IPs

11
Countries

1289 kB
Transfer

3187 kB
Size

52
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://mrcowboy.com/
Title: Mr Cowboy LLC

Search URL Search Domain Scan URL

URL: https://bid.glass/file.io
Title: Advertise

Search URL Search Domain Scan URL

URL: https://twitter.com/filedotio

Search URL Search Domain Scan URL

URL: https://www.facebook.com/file.io

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/fileio

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/file-io

Search URL Search Domain Scan URL

URL: https://github.com/file-io

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://file.io/usK7mT976RGx HTTP 302
https://www.file.io/deleted Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=a2f72a6d-d774-5243-8570-2aa0e6087487

Request Chain 68

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2917598791516013547

Request Chain 70

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTQ3MWU1N2ZmLWFjMTYtM2JiZi1hNTdkLTA5YzY4ZDJjOGExYTICBgw4AQ==%26buyeruid%3D HTTP 302
https://ssp.disqus.com/match?bidder=6&r=Cid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTQ3MWU1N2ZmLWFjMTYtM2JiZi1hNTdkLTA5YzY4ZDJjOGExYTICBgw4AQ==&buyeruid=189f5964-b58c-4b7a-8dae-bb0c4e907efd&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTQ3MWU1N2ZmLWFjMTYtM2JiZi1hNTdkLTA5YzY4ZDJjOGExYTICBgw4Ag== HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTQ3MWU1N2ZmLWFjMTYtM2JiZi1hNTdkLTA5YzY4ZDJjOGExYTICBgw4Ag%3D%3D&dnr=1 HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FrO4pRZHQLrJJkLtQGiBDOIy&r=Cid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTQ3MWU1N2ZmLWFjMTYtM2JiZi1hNTdkLTA5YzY4ZDJjOGExYTICBgw4Ag== HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a

Request Chain 72

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 74

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-TylcHflE2uFeFVY52ddlys8Ita2HYL1shV1s7f0-~A

Request Chain 75

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 77

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 81

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB&dcc=t

Request Chain 82

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3heJ6OkZPSv9L4TuLpbfgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKc-Pq3Plv1Z_eFwCgQ96Ag&google_cver=1

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH1fqh8ANOaBjjSgN9EAVkU&google_cver=1

Request Chain 85

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684471207&external_user_id=03a2ea92-fad9-4257-810f-30ffb48a2d38

Request Chain 86

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=62536378-5e27-4f00-8a41-d113cfef3d0c

Request Chain 87

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2917598791516013547

Request Chain 88

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=25n75djP_urAnPW_iZvh6d6S_-jAnKi7j5OJbv2_

Request Chain 92

https://c1.adform.net/serving/cookie/match?party=14&cid=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent=

Request Chain 93

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8528085394414406462

Request Chain 94

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62536378-5e27-4f00-8a41-d113cfef3d0c&gdpr=0&gdpr_consent=

Request Chain 96

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=70D873BF-E45D-4394-ABF1-722DB16A56F2&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=70D873BF-E45D-4394-ABF1-722DB16A56F2&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 97

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2917598791516013547&gdpr=0&gdpr_consent=

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cNhzv-RdQ5Sr8XItsWpW8g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 100

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62536378-5e27-4f00-8a41-d113cfef3d0c

Request Chain 101

https://pixel.onaudience.com/?partner=214&mapped=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzBEODczQkYtRTQ1RC00Mzk0LUFCRjEtNzIyREIxNkE1NkYy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfBLnSO6vu_nEhoes5HuOg&google_cver=1

Request Chain 105

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2130901063954444841

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request deleted Show response
www.file.io/
Redirect Chain

https://file.io/usK7mT976RGx
https://www.file.io/deleted

440 KB
111 KB

64ms
36ms

Document
text/html

18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec6d5a5b2870c8eafd9b757bddb1207380592474611b07fa97839c94a4667ff1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71453
cache-control: public, max-age=0, s-maxage=86400
content-encoding: br
content-type: text/html
date: Fri, 18 Nov 2022 08:49:11 GMT
etag: W/"941d3ceb51fa36384a2d3076027df915"
last-modified: Fri, 18 Nov 2022 08:47:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-id: z4rkRdW-j4UzD8ieeeQK2LIrKZIBHtncgQkMI9WxM8m6lzyNpn4ugw==
x-amz-cf-pop: FRA56-P5
x-amz-id-2: 8fFvVWk4d9C49hyNleOouRjXtbI/xNuV7NhJlh13VeBtJxwDSw6vTXlroqLS69u9KGz/oBlA0f0=
x-amz-request-id: 91JFE8TP7ZQ1J5QX
x-cache: Hit from cloudfront

Redirect headers

access-control-allow-headers: Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
access-control-expose-headers: X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length: 98
content-type: text/html; charset=utf-8
date: Sat, 19 Nov 2022 04:40:03 GMT
location: https://www.file.io/deleted
retry-after: 60
vary: Accept
x-ratelimit-limit: 1
x-ratelimit-remaining: 9
x-ratelimit-reset: 2022-11-19T04:41:03.034Z

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 188ms
37ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 03:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4514
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 19 Nov 2022 05:24:49 GMT

GET
H2 200 Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 317 KB
318 KB 42ms
42ms Font
font/woff2 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer: https://www.file.io/deleted
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:05 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:14 GMT
server: AmazonS3
x-amz-request-id: 12BPDAZ7XQG96T1X
x-amz-cf-pop: FRA56-P5
etag: "8dd26c3dd0125fb16ce19b8f5e8273fb"
age: 71279
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 324864
x-amz-id-2: 9zBBL0+bk6VnPshKTFYHDRn7vV5e5XxiOdMyGY4FaysmOHmhcteft/eA7U+qGXbFjRbUKSt0Guc=
x-amz-cf-id: Z7xveYrs5zC2sejck4tIYsc3-wJK41HElxbLjmi8wFDUZ8eRA5CIKA==

GET
H2 200 app-bd8cc0780fb633513965.js Show response
www.file.io/ 651 KB
159 KB 31ms
30ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/app-bd8cc0780fb633513965.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce0b791928e69822c986829aedb5dc76879a3ceec12866ea3b025220c3773d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:02 GMT
server: AmazonS3
x-amz-request-id: TKRKEYMSF53ZH2HY
x-amz-cf-pop: FRA56-P5
etag: W/"a11f51557ece76157a6491eb33b328dd"
age: 71461
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: QN-2F9MuZMIuPLqc-0ZKViAwZ3HTGOXk-mfA-Bxht19wWYoP7U2Hdg==
x-amz-id-2: BDfAqL9BonpnA0s8793Ub57ce2aN/lOEOE0dSGJvCA0fV4zahraVVJV3TnaMS1MVwO0tmtO16Ws=

GET
H2 200 0eceb729-761e2b4090024f08e2ca.js Show response
www.file.io/ 12 KB
2 KB 43ms
41ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:57 GMT
server: AmazonS3
x-amz-request-id: TKRH0K9S3TFH3RPY
x-amz-cf-pop: FRA56-P5
etag: W/"d8fa3e295945b4065c7adabadd2be99b"
age: 71461
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: pXauyrOp_mxq3jKBEmAeVlyq1hjO98hSEMPMOKCe2KnKVVphGG_beQ==
x-amz-id-2: +QTnX0bwHYYPJQDtwnQUIs03/vKPsUHA+pm/AT3DdZHTL32WwQeOSLbiGd7Ci0ew5TS3qTKbZ6E=

GET
H2 200 d6a9949e-4e9c210da2d83a376ddb.js Show response
www.file.io/ 51 KB
6 KB 74ms
72ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:07 GMT
server: AmazonS3
x-amz-request-id: TKRJVNNEMTNBFP9J
x-amz-cf-pop: FRA56-P5
etag: W/"2feda6389a53a29ad5102ef7918752f6"
age: 71461
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: ESKC3otTc8w7scrxTM5AgP_EBlbwwgvIOofv6CPNqDuMIjZKpUwR7Q==
x-amz-id-2: pjVwPeK4ylUV7G/tAQ/1xA+mVWBkLhNZS169NqalQfVJ4q3lSaUDYhgT32oQXnKubBbxuUZGtR4=

GET
H2 200 e82996df-3c73e38611643c5bb219.js Show response
www.file.io/ 50 KB
14 KB 22ms
21ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:08 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:08 GMT
server: AmazonS3
x-amz-request-id: KTEHJCT7WM4MMBZE
x-amz-cf-pop: FRA56-P5
etag: W/"785aafc2bda0f767992456b4ba1b0627"
age: 71456
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: BuRIGSV1p0iNodKbnXKyFPUXyZOAlqJqNXk-wFRy-t8Fke8icy4scw==
x-amz-id-2: jfaipj5Of9PalIda68sm0CzgfCnYHFs5E7hruAkLy1KXVQBu510ezl44Asz2X+O13sIQcJT8fOw=

GET
H2 200 framework-8fce40ee519418a713c9.js Show response
www.file.io/ 145 KB
42 KB 44ms
43ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:08 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:09 GMT
server: AmazonS3
x-amz-request-id: KTEMVQFKEHPRD6MP
x-amz-cf-pop: FRA56-P5
etag: W/"c4a5f7717ceee6ea81514ff62873ada9"
age: 71456
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 9WRUa98pRWji56t2ZjwAYsAnvpd2R0ccNBawEAzaWs5zufWkZbBRFQ==
x-amz-id-2: A3no/47EdNwZL3mb9F9lxN6MfCwDf4/h/y6DrBxqK3ynaw/2g5nFNpzQ+ezaefJoZSVgCax4r58=

GET
H2 200 webpack-runtime-1ba38f695df4d8147637.js Show response
www.file.io/ 9 KB
4 KB 51ms
50ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b35556698e4334e4bf32a5fdc75df1c85fa5a30891fe80593e269f109cf3139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:03 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:14 GMT
server: AmazonS3
x-amz-request-id: TKRS4F8G09X7ZCRE
x-amz-cf-pop: FRA56-P5
etag: W/"98dfd1fdbed6c706f1a4dadfe5d2fc41"
age: 71461
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: ik8vxDASSQDWWqDbFaN4oUJTCRUmpedw_SOWw8olzWpT-9p2ERd_sQ==
x-amz-id-2: 4xbOrJtq6Ipbp6oT3kFK/eXpC0YMnA30jmBhtSOMShCg8SOpWM4PvbvEFmBJuSgxU7gRCn95Ftw=

GET
H2 200 app-data.json Show response
www.file.io/page-data/ 50 B
518 B 23ms
22ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/app-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed36418f7bd0d9e901adfdfbfc7d9b1ff41c623c04152c8d884c4d67efa634d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:51:15 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: MH9JNY4AE5K5JZQJ
x-amz-cf-pop: FRA56-P5
etag: "6bae2b6ac74bb26f2860a9cf277328b7"
age: 71329
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 50
x-amz-id-2: FnFUf4UJCn/FyS+2e5hm+seFAcmSE/mDDFZyYLVzvdzMqIZgOOkjupWa6PvcUNgXxSnnPy3MD6w=
x-amz-cf-id: 9QTzIH5g8xMfbMU_PY5hjJ_52mZUriXUry6KpmPsI02pWTSQoFiNhw==

GET
H2 200 page-data.json Show response
www.file.io/page-data/deleted/ 152 B
619 B 21ms
21ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/deleted/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:51:27 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: 7YF1FYKAW168GZ0Y
x-amz-cf-pop: FRA56-P5
etag: "728a4f433ef9bed1433eaa226cad06d0"
age: 71317
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 152
x-amz-id-2: 9rvHynq2AClMsuX9u/z1+TXEXrYXUF71GKJhP0XdL5HT/LkrPeQsaXgcyT2CkdZXnbi28BRXUXQ=
x-amz-cf-id: iBIpD16s98PrytymVj9Iqgc6-5YlXv84NDE7AOj4CLkPeosXyIahNg==

GET
H2 200 cb1608f2-86eb2737c3b59340ea35.js Show response
www.file.io/ 18 KB
7 KB 22ms
21ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/cb1608f2-86eb2737c3b59340ea35.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11e185c59e68173bb11c38327d38a40c91e9aff8d660c2c83e2e27ba20a604e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:09 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:02 GMT
server: AmazonS3
x-amz-request-id: FGBVQ8CT6TTR01F9
x-amz-cf-pop: FRA56-P5
etag: W/"702778321877e371451569e80d56651b"
age: 71455
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: d8qg4R-4zVhiCdCnqdsmmHqeBQzp4fxfV0DdYzOpnGxj3EEbZIAZTg==
x-amz-id-2: lAU1ErUa2NTZxVUC8MTU73mvCPK7232tVrYOr1VZ0hqDc4sisUC7FaMaEkh18cSoFDw+CKCzNb0=

GET
H2 200 a9a7754c-f1b5f9c5144f62adc766.js Show response
www.file.io/ 4 KB
2 KB 23ms
21ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:09 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:59 GMT
server: AmazonS3
x-amz-request-id: FGBT16S0VKY19GSZ
x-amz-cf-pop: FRA56-P5
etag: W/"4ae04cdf11989fa265bb8cc9b598298f"
age: 71455
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 2sHRAgbbnY2qP-wA1sj0SVzEersjbB86QyQvntoyFOIapZTGkwACTw==
x-amz-id-2: 6iOT3bJX3AuOCHZ5gBubmYzay/6kKKRn03jPGgD1YFbkHsvY/niKYSa7ssENGlJEBH5Cb26mbDs=

GET
H2 200 381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js Show response
www.file.io/ 117 KB
66 KB 31ms
29ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:09 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:58 GMT
server: AmazonS3
x-amz-request-id: FGBPHKRCWNG3S29M
x-amz-cf-pop: FRA56-P5
etag: W/"9c41c9970ebc8fe4c98c8f02b631cd07"
age: 71455
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 0kPJsGq1q2Yy2DPbMdHZ8Td7Xeq-M5e5RwBTk_YFyIDwbx1MIf7U4w==
x-amz-id-2: pChbMHjAAG4v00UctRU97wwV9GbUoP73Un9XmjOqLTgXzhWbXNZCrUhU6fK93y1EAE5Gjb7d9Cg=

GET
H2 200 a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js Show response
www.file.io/ 21 KB
9 KB 26ms
24ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:10 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:59 GMT
server: AmazonS3
x-amz-request-id: D9BPXXPPVW6PXC0J
x-amz-cf-pop: FRA56-P5
etag: W/"2b921aab089ea83ec7bb825f970e0b68"
age: 71454
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: tJE0Fv4vrqieiHstNX9jwlSJH_1sWZqqhWQTYzIFvXzf-ovs_ZiIjQ==
x-amz-id-2: J80ILegukPctYsPn7W1Dersx1dQXb2t6VYNn71T/2NPxvXyHSNkczShdEHZXL+BsuIHx7oWnWao=

GET
H2 200 6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js Show response
www.file.io/ 24 KB
8 KB 160ms
158ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:10 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:46:58 GMT
server: AmazonS3
x-amz-request-id: D9BNFGW84G8YWS6Y
x-amz-cf-pop: FRA56-P5
etag: W/"02f76c7d444e6eab701d07bea36dfd50"
age: 71454
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: FkfoR4VqlBRgbvxqiMRgH_lAIWOIVRncDmLi7AkOO1MRe-ubti71ew==
x-amz-id-2: ZN6SyTlXM8PtFPW5tzXEHQi2WNKhSQX8g4xR9DbrF/GB0023GBnW1YRlgN+x5oPYSfAtAI0abzE=

GET
H2 200 component---src-pages-deleted-js-47be80d008d1be58f19d.js Show response
www.file.io/ 12 KB
4 KB 23ms
22ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-deleted-js-47be80d008d1be58f19d.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99d500649dda1858b411e79b0ddbf72bc884b414dc2293ee2503ff6884128a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:12 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:04 GMT
server: AmazonS3
x-amz-request-id: P25Q0P58YSV5JQE9
x-amz-cf-pop: FRA56-P5
etag: W/"deecbc59dd2a7d9cb6bb7152c9b899a2"
age: 71452
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: -zdTvYTnMOv71jLjG_i11Bg6lxo9fuTQ_c5ArXzJu8NY-gMToDLR8w==
x-amz-id-2: oyYiuVQhsdtaJGvqRnpSrWWDBki1OoPLvnOi0BbhA6yiDtVcfxE+KBv6GQlCG/dsBkgeyysDCIc=

GET
H2 200 1655680770.json Show response
www.file.io/page-data/sq/d/ 447 B
914 B 26ms
25ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/sq/d/1655680770.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:02 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: XTEHHHFJAZK3GDXH
x-amz-cf-pop: FRA56-P5
etag: "c839c57483bd5d788408e7fc88e7cc8d"
age: 71282
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 447
x-amz-id-2: OEsQ9czm0dL0m7+sjMifORAVtgN/Ca7d9SG3iLyURNGa1/+43ds0iPa4intDb81/fe8Z+L1vtWE=
x-amz-cf-id: g9egwyc9VFoFpK2LrDLLmZqpV2OIrKTofNpkwnAHm6DfnE7JDPcoNA==

GET
H2 200 1810866655.json Show response
www.file.io/page-data/sq/d/ 2 KB
860 B 23ms
22ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/sq/d/1810866655.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:00 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: 5V4C885FX8Z4FTFA
x-amz-cf-pop: FRA56-P5
etag: W/"7bb0144e136507cd9bfbaceb72189d09"
age: 71464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
x-amz-cf-id: PCBt7-KPY90zKgAQfiOtN1iD3gHJe1MlIiUkCOIHxXfr_I24FWiJOQ==
x-amz-id-2: LR/Q9HfKQzeJHuImbgPo+wE8499VQJztXsoRz8tYsdIc2KohSopc3DerEsOsKBZhJ5xxJHPLwHI=

GET
H2 200 ads-hodgepodge-ad-b4d620a1679ffb3b3837.js Show response
www.file.io/ 7 KB
3 KB 24ms
24ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/ads-hodgepodge-ad-b4d620a1679ffb3b3837.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-1ba38f695df4d8147637.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6420982539ff72de2168dedd03fc1f343944fd681667aa64dce336064dc26879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:07 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:01 GMT
server: AmazonS3
x-amz-request-id: 4FPMYJJSCSJKHQEA
x-amz-cf-pop: FRA56-P5
etag: W/"0be8ea71b478169e9c47f21818d653f2"
age: 71457
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Kq1xrHVTo7gDZ40o3MnDp2zwLTQHMJ_bsH4eIhpva1qmsYjhW4v6fw==
x-amz-id-2: ZY6Q7olI5YQDj+URBTSHfg+nQoOxe8t/1gR7fIMIjhxeEiHbZ6CTgXp9W19Ljk2iSoFrnoho5E0=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 45ms
45ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=603573523&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&dp=%2Fdeleted%2F&ul=en-us&de=UTF-8&dt=Deleted%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=234508681&gjid=889835574&cid=1290979078.1668832803&tid=UA-65658019-1&_gid=1724481961.1668832803&_r=1&_slc=1&z=1199455890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 134ms
45ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.file.io
URL: https://www.file.io/ads-hodgepodge-ad-b4d620a1679ffb3b3837.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1396 / 468 of 1000 / last-modified: 1668812924"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Nov 2022 04:40:03 GMT

GET
H2 200 prebid7.18.0.js Show response
www.file.io/scripts/ 163 KB
49 KB 33ms
33ms Script
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/scripts/prebid7.18.0.js
Requested by: Host: www.file.io
URL: https://www.file.io/ads-hodgepodge-ad-b4d620a1679ffb3b3837.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:07 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:12 GMT
server: AmazonS3
x-amz-request-id: 4FPXD8DF3367PWXV
x-amz-cf-pop: FRA56-P5
etag: W/"c488e1001b33af7893c3558f28b0fac8"
age: 71456
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: yOe_ZbL6Y8AavfSsHTmKKAe4S1F41l0TXyumFZjg_wsHBB8bi1Jlug==
x-amz-id-2: 8xLreq4D6/iXGChy5R+ei7R4TK6bomLg5EOGEEnxLSZsSlF7Ql7SxreuiC3ImpFErltqkBHiBJU=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=1290979078.1668832803&jid=234508681&gjid=889835574&_gid=1724481961.1668832803&_u=aEBAAEAAAAAAACAAI~&z=1876658093

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 19 Nov 2022 04:40:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 161ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 22:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Nov 2023 22:26:53 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 206 B
738 B 166ms
45ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ceb17b76e0b5474ae4b8660522cd60467b1f33121aa5f0ff14503e8826c8c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Sat, 19 Nov 2022 04:40:03 GMT

POST
H/1.1 200
OK hb.php Show response
bid.glass/ad/ 19 B
317 B 272ms
89ms XHR
application/json 64.20.35.44
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.glass/ad/hb.php?src=prebid_prebid_7.18.0
Requested by: Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.20.35.44 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: bid.glass
Software: Apache /
Resource Hash: 6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 19 Nov 2022 04:40:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
261 B 168ms
121ms XHR
text/plain 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Sat, 19 Nov 2022 04:40:03 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c644004999bbb5-FRA
access-control-allow-methods: POST, GET

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 158ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.file.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 152ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.file.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
13 KB 1253ms
1176ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3665153637041400&correlator=75721636054660&eid=31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22175459031%2Cfileio-halfpage-gallery-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=2093335146&didk=470317410&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668832804135&lmt=1668761227&dlt=1668832803162&idt=935&adxs=806&adys=328&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=1240x600&msz=300x600&fws=0&ohw=0&ga_vid=1290979078.1668832803&ga_sid=1668832804&ga_hid=603573523&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3027e8f6294de12d58681da75e41ec4d9541b5ddc3ff7178d8980139844749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12991
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file.io
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e3c022f1964b8eb3de746a3121080f0d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3327 6 KB
3 KB 187ms
47ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e3c022f1964b8eb3de746a3121080f0d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 04:40:04 GMT
expires: Sun, 19 Nov 2023 04:40:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 141ms
51ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

834e26c905a82391b99ce6aca71364893d3b2b41dfca3ef89c5b298445163d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11190
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
49ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 04:40:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D1DA 13 KB
5 KB 115ms
37ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 22:15:51 GMT
expires: Sat, 18 Nov 2023 22:15:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9858 783 B
1 KB 159ms
70ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09d12e35e82915179278a80395fae821ddbfae4ef7c1fa23b944a6a35542eb43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fDtYsOhtOoC5aqOaW0Ktyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-fDtYsOhtOoC5aqOaW0Ktyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 04:40:04 GMT
expires: Sat, 19 Nov 2022 04:40:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame D1DA 36 KB
16 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 15:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:35:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9858 0
0 115ms
74ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3665153637041400&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D1DA 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lnUTlg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 697F 221 KB
61 KB 162ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 383471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 697F 14 KB
5 KB 226ms
103ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 383471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 697F 94 KB
28 KB 233ms
110ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 383471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 697F 5 KB
2 KB 232ms
109ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 383471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 697F 40 KB
13 KB 247ms
124ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 383471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 697F 8 KB
1 KB 135ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Nov 2022 04:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Nov 2022 02:58:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Nov 2022 04:40:05 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 697F 2 KB
2 KB 39ms
38ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.file.io
URL: https://www.file.io/deleted/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 68412
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Nov 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 697F 295 B
319 B 38ms
37ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file.io
URL: https://www.file.io/deleted/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 23:28:16 GMT
x-content-type-options: nosniff
server: cafe
age: 18709
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Nov 2022 23:28:16 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 697F 0
0 82ms
82ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQbLPJF54Y6L0D_2D9u8Pp_amkAKAvcK-bbPPyv-xEM_R64iPGhABINS4rwNgleKQgqAHoAGr1bS7AsgBAeACAKgDAaoE_QFP0PiDN7hyCsJkhO4LYF8inWqSF2f9BMs20Fn0pC_4LRGJfh_Ez7-WDO5RWI89m1Jnbbex2unjukDs4NE_RUwsZcDZe0DND95GXc5ZWYFiCsE6G08fl1mYHT5H4vY326puqeQkFt49LNrjEpgHVzVo7WJkT7ITIGeFnFMkW0KEGx81QfZpza2K-U6KayJJu-D-PVBHd4mk09gMHtH781jyhXKOE5r5TX17F5CYSUkjPD6yWptEE8_1vg6qmoV6GxeRNWRBScobuFi5rXBFOCgBy_b2luWo2RtjxrmZf10ydY0qohKI8B6fIdYU6-Y0xHKr8APqyKv-gDZjyJBDwASN_tjt8QLgBAGSBQQIBBgBkgUECAUYBIAHxbSTyQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDLyeQS0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEwyIFATQFQGAFwGyFx4KHAgAEhRwdWItOTMzODIwOTkyMTYxMjU5NRil9Hg&sigh=HqwZ6XFPdpg&uach_m=[UACH]&cid=CAQSSwDq26N9cqXvYJPa1U1F5cqjzlDHvZ0mSe6CV-rJTzwCjuA0LG-DxhqwQqfL4iLW68JpDOpjl8bo9Vzrwn75iXOeMaOPeTSWgvBHFBgBIBM&template_id=5020
Requested by: Host: www.file.io
URL: https://www.file.io/deleted/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 697F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 697F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7cbdc69d32cb6e6d6632e702e2b01e4c74d626033e9018cb2fec20b025a447e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3665153637041400&bg=!RUalRgLNAAbvMpMzzzI7ACkAdvg8WqPl3OBUHf_D0pit5AnvbIu49abUAe_LKAUcQQgQQVnNcjRf_wIAAABQUgAAAAJoAQcKAE-JTD-JOJW8QMjkKcjLIhngx2h6BJzHkVXEzbd5ZbkWncZ9A0ECIOMQ13F90Cz0CFwNKaCM3ZIPwYoPT7k9JmCu2oJ2A4Q2BED-InLfyHOUmQKjdB0yunZMRJPWAth4s8UDdtpqOIxatjMcEWI69bhI8YsiF_NTZZ_lPzfquNN9scIylbRdsZ14nq27u2STnEZG-Z_9WPX1ixEQmC5TiHZlb11V2NDfvXuHs2B0m4if8ohA_DX_zqAEzAelMaEM5vsTcBXgWaunwaAQn-HfuhRbik6QO1m_D0omujLoOdYjJ0_rM3g_4vgdU5o84zOcmzarlVe12VxXWCche3sSY95ih9npTeeT3BMcjSTouWUznbtaWoTun39PN6InoXwvGArLqaPsEh_fP3dm851XuOCvy-3NKYqC2G5lt-gJJZ8HgHTRKrskjqZMjg2LwAtMVzx0qICKGISarwvVM8A5rlXrM7NZvvgxkDBc7ARCksG_B69eo-LCIzmx9jUfJdNq5HKehgHcET0GvHT7gJ2vPef-ZKdQNe8h6AKT8M7hgHd84bHDDW63sN4Wq_qFptsTJRsliCbhAERxMFrSPnhG9tWTbwPxOvQUGK30K1ul093-uXk_gCWYR7CkRoc59ZiWBRdJdpks4E1u9crNhqTgBjVAILZ2n_0A1tB-Jx5viri4p2j4p2xlhLnD2LuXzHJgPvHnWhJFBBnZOtc1tKVfb3JghqfualeNt0ToqaiDvG3f2reEKdNVvq42RSefzMTAZt64S26bpvpD_qpkGcYhnhy27wu_bzixkMZvt907NmW6TODeZVcJvCUwS7FI6ZGfXniu8vHI224rnFrOJt1OqBI2sPnJXodc5ewkCc8uSz_wh5TlwWM9Zf5ZRj6YIrOdNncrvF0hYLyxutnQVNVdX_UHHtf5puyu3Xr9EXHP52hL4A2A4SnHslrb-gnEHSRtEqIQdXhKvBg4Oocr_Bs1GvlOFAIpPxY46BHBEtWtV_1JOUcn7lNC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 697F 28 KB
28 KB 135ms
45ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 243374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 09:03:51 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 697F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

157ms
55ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.file.io
URL: https://www.file.io/deleted/
Protocol: H2
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date: Sat, 19 Nov 2022 04:40:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 page-data.json
www.file.io/page-data/login/ 0
602 B 25ms
23ms Other
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/login/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34XQ5SY22NYCRKM
x-amz-cf-pop: FRA56-P5
etag: "4f561e1f747160f0e60849c13facafec"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 135
x-amz-id-2: snhvBaXlca2SKKpyXuqXQsbhXX4ThRbMn/IBHwgPzbLD4TbAACgnw6k5nZXaLcZlS66S6rsC6Js=
x-amz-cf-id: NzWm-wDkDp-e8wwiM04OShufTEzqwcKPmv4Km1jtgqAx5uf0p-8J5Q==

GET
H2 200 page-data.json
www.file.io/page-data/plans/ 0
606 B 24ms
23ms Other
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/plans/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34TKV4W00SXAWHQ
x-amz-cf-pop: FRA56-P5
etag: "1022652c2bef86b84cb16cd11c50b2ca"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 141
x-amz-id-2: yDKWOK34sWVKcdbkZ13GtNmxUpXJ0aMAVraSQRnhHX12rYSUFz6A3L4KcvcRmXA1TcIvURbkhyA=
x-amz-cf-id: brpfWZbS0RkbsODNY75uKgSsVgUtGpeH6lJniq9ogU5wcYfj1fFb8w==

GET
H2 200 page-data.json
www.file.io/page-data/signup/ 0
604 B 23ms
22ms Other
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/signup/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34G04VJVZHT57ZG
x-amz-cf-pop: FRA56-P5
etag: "68baf9ac2f5dcaef64744f1f45d71de0"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 137
x-amz-id-2: 24AmI4j1UEnfo3MaGdBzQY8SKyyqDei8SRCrAiF+xp/bvhx4U51d8ge/lhl2SdFXZjiTq7oI55g=
x-amz-cf-id: u9y7cNlT5hTNQMzZ2hE2p91oIAZGDeuHU-LrvbY0WjLkOZ8iD0ZRgQ==

GET
H2 200 page-data.json
www.file.io/page-data/index/ 0
619 B 22ms
21ms Other
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/index/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: C34W331JD5DPB8SM
x-amz-cf-pop: FRA56-P5
etag: "401beb30f0318595986e0b5ab983a5ad"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 154
x-amz-id-2: Bj47oc1l1Uz932JgYL88qz2aHN0ar9eEfjzcnkuAoQOz/up5wVGDVl3meVTZ2H2ydz/vDGqyrgk=
x-amz-cf-id: SdqzKhj-RfJHnis9fnWEaBcxg9D-S0sDsK6f7vTmLiCwRlKRJE0n5A==

GET
H2 200 page-data.json Show response
www.file.io/page-data/index/ 154 B
619 B 25ms
23ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/index/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:10 GMT
server: AmazonS3
x-amz-request-id: C34W331JD5DPB8SM
x-amz-cf-pop: FRA56-P5
etag: "401beb30f0318595986e0b5ab983a5ad"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 154
x-amz-id-2: Bj47oc1l1Uz932JgYL88qz2aHN0ar9eEfjzcnkuAoQOz/up5wVGDVl3meVTZ2H2ydz/vDGqyrgk=
x-amz-cf-id: zKgmV3M5w_MJZ-GzuS-EsPwf7xipLRl9gCQSi89zT1GADGdKcnJz1A==

GET
H2 200 page-data.json Show response
www.file.io/page-data/signup/ 137 B
602 B 21ms
20ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/signup/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34G04VJVZHT57ZG
x-amz-cf-pop: FRA56-P5
etag: "68baf9ac2f5dcaef64744f1f45d71de0"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 137
x-amz-id-2: 24AmI4j1UEnfo3MaGdBzQY8SKyyqDei8SRCrAiF+xp/bvhx4U51d8ge/lhl2SdFXZjiTq7oI55g=
x-amz-cf-id: iijtmeeD4hQKIfmQrVmcA_dSEf521-Pisbx3cGccJ0TCbZ6682Xhgg==

GET
H2 200 page-data.json Show response
www.file.io/page-data/plans/ 141 B
608 B 22ms
21ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/plans/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34TKV4W00SXAWHQ
x-amz-cf-pop: FRA56-P5
etag: "1022652c2bef86b84cb16cd11c50b2ca"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 141
x-amz-id-2: yDKWOK34sWVKcdbkZ13GtNmxUpXJ0aMAVraSQRnhHX12rYSUFz6A3L4KcvcRmXA1TcIvURbkhyA=
x-amz-cf-id: 6sEqGJ2AO0WXX7K4bYgK7m0CAmCTIZCCCf4XmTs3qCiMdDwdLURYGg==

GET
H2 200 page-data.json Show response
www.file.io/page-data/login/ 135 B
602 B 23ms
22ms XHR
application/json 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/login/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:52:10 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:11 GMT
server: AmazonS3
x-amz-request-id: C34XQ5SY22NYCRKM
x-amz-cf-pop: FRA56-P5
etag: "4f561e1f747160f0e60849c13facafec"
age: 71277
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 135
x-amz-id-2: snhvBaXlca2SKKpyXuqXQsbhXX4ThRbMn/IBHwgPzbLD4TbAACgnw6k5nZXaLcZlS66S6rsC6Js=
x-amz-cf-id: C61vC8L8v7g9co9XO-y7AeJ97KHM-OstScXbAKz2H7vHCasJtRJYAQ==

GET
H2 200 component---src-pages-signup-js-6276362a910cd31f83ca.js
www.file.io/ 0
7 KB 22ms
21ms Other
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-signup-js-6276362a910cd31f83ca.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:18 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:07 GMT
server: AmazonS3
x-amz-request-id: GBJTYV2915KMKJTG
x-amz-cf-pop: FRA56-P5
etag: W/"f532f8654ef9d6e2ccba95d194e45cc2"
age: 71449
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: flNl8yPGBNdl3t431-bs6tMrv5pmNLx0jTiKttteqOTnR05xB095ng==
x-amz-id-2: YC/BlQpXjVzktRCTEvcp7KMht0irW1Q0UXz4SOz8dr1h2nuvyLTS3l/WvxVxVTQ4fvBA2oeA5vU=

GET
H2 200 component---src-pages-plans-index-js-4d7d70651af058699199.js
www.file.io/ 0
941 B 28ms
27ms Other
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-plans-index-js-4d7d70651af058699199.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 14:03:07 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:06 GMT
server: AmazonS3
x-amz-request-id: W50E70KJEZD5YMTB
x-amz-cf-pop: FRA56-P5
etag: "66b96715a5faba1158fa14385302dc0f"
age: 52620
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 473
x-amz-id-2: hG8nZwAh4GxWJypvRJ28PIyDYYyPaRiMHK4M+CWQ1qn3k+2uVlnQtMk9Vy4x2wpa5YzITYIQF6o=
x-amz-cf-id: LB-BCWG6uiO28JB6wHP-DW-4GjRUVJEcmx7zLBrW5YFCc-mkG115FA==

GET
H2 200 component---src-pages-login-js-4334d2f9cc13bc6425f6.js
www.file.io/ 0
6 KB 23ms
23ms Other
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-login-js-4334d2f9cc13bc6425f6.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:18 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:05 GMT
server: AmazonS3
x-amz-request-id: GBJHX83GA8VRGDM4
x-amz-cf-pop: FRA56-P5
etag: W/"5846b26616c0b2bb2d33c186d91ddb78"
age: 71449
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: eHIn12YzEP9_p_x80vNHtRPJfZlpkvF7SXUJPaRHoD0BrzZGyLOsvQ==
x-amz-id-2: LRC/Oa8XL73D8WWnDwyeb0jQHLR+hPVg8TXBCpws0uLN6XYJE9g587UgJKaPJEpoTTkAB/uWja8=

GET
H2 200 component---src-pages-index-js-5add86bfc20c381bda12.js
www.file.io/ 0
33 KB 21ms
21ms Other
application/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-index-js-5add86bfc20c381bda12.js
Requested by: Host: www.file.io
URL: https://www.file.io/app-bd8cc0780fb633513965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:49:11 GMT
content-encoding: br
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 08:47:05 GMT
server: AmazonS3
x-amz-request-id: 91J2NCFN9KRJBG8J
x-amz-cf-pop: FRA56-P5
etag: W/"6cde7a7a9d3e9b5b881aeba482e5e097"
age: 71456
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: kVQAHtxM_-rV3xJxfiLs1SqLAHtH4bbJF_fWmSL-oDppwDOMCsMG_Q==
x-amz-id-2: DlVdcSENDIRhLYvd33/wgGLrOoGq15we7iicqmYTbvFMfACF2s9w1ZvcLVfJIRUHtv4LGBcZfW8=

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 697F 42 B
64 B 78ms
77ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWIbLD2QxXs4r3hjp-QfUsaVCT0Vcvf37n-4eeZnQdJpQVhHsXoiCEHxm59A_-yISvCaFMzoXzWLfTMNMiF-yYrUQHk7FnB1Obw1Z8ezb6Ju-7m72jbmTIxsQ8-sgU8hHIggedpw&sai=AMfl-YRor3NMlsrc5dkS26rgffuecRVmZGrmOIHG1G1yNjpXEUaLtMLsQnHqs9vn3goHzy_C8UKg4rcNw0OidhHTwkXiy7pOw84dFfoFfAOCdBUT7CswpK6GrG2CGri7UJSFeefvGu3l6fN9YiaFV1g&sig=Cg0ArKJSzHBJmyyVWcxkEAE&cid=CAQSSwDq26N9cqXvYJPa1U1F5cqjzlDHvZ0mSe6CV-rJTzwCjuA0LG-DxhqwQqfL4iLW68JpDOpjl8bo9Vzrwn75iXOeMaOPeTSWgvBHFBgBIBM&id=ampim&o=806,328&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=320&tls=1320&g=100&h=100&tt=1320&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 3D18 4 KB
1 KB 122ms
113ms Document
text/html 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d28bbba195ced5a1adf263a1077c9a9b4d1752a2bc2152abe41522fbcf262ce

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76c644148b3dbbb5-FRA
content-encoding: gzip
content-type: text/html
date: Sat, 19 Nov 2022 04:40:07 GMT
server: cloudflare

GET
H2

200

setuid
sync.quantumdex.io/ Frame 3D18
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=a2f72a6d-d774-5243-8570-2aa0e6087487

43 B
94 B

111ms
111ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=a2f72a6d-d774-5243-8570-2aa0e6087487
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c64415ccf8bbb5-FRA
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=a2f72a6d-d774-5243-8570-2aa0e6087487
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 3D18 0
277 B 63ms
15ms Image
text/plain 216.52.2.19
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 19 Nov 2022 04:40:07 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 3D18
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2917598791516013547

43 B
94 B

109ms
109ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2917598791516013547
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c64415ccf6bbb5-FRA
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
AN-X-Request-Uuid: fac10c61-96d9-46ab-b6de-e655305177fd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2917598791516013547
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 3D18 0
35 B 41ms
8ms Image
text/plain 3.74.96.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.96.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-96-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 3D18
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3lu...
https://ssp.disqus.com/match?bidder=6&r=Cid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTQ3MWU1N2ZmLWFjMTYtM...
https://ce.lijit.com/merge?pid=279534&3pid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ce.lijit.com/merge?pid=279534&3pid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FrO4pRZHQLrJJkLtQGiBDOIy&r=Cid1YS00NzFlNTdmZi1hYzE2LTNiYmYtYTU3ZC0wOWM2OGQyYzhhMWEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG...
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a

43 B
117 B

109ms
109ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c6441e5e67bbb5-FRA
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a
pragma: no-cache
date: Sat, 19 Nov 2022 04:40:08 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 3D18 0
240 B 41ms
8ms Image
text/plain 2600:9000:20eb:e600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
cache-control: no-cache, must-revalidate
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: tGcBKOdeIo9lI7Wk6vRV16Ri5of98RQC3ve8Rl8aAADxULFSySEoNA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame 3D18
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
105 B

108ms
107ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c64415ace1bbb5-FRA
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 19 Nov 2022 04:40:07 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Sat, 19 Nov 2022 04:40:07 GMT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 3D18 43 B
1 KB 42ms
11ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 19 Nov 2022 04:40:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 3D18
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-TylcHflE2uFeFVY52ddlys8Ita2HYL1shV1s7f0-~A

43 B
94 B

108ms
107ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-TylcHflE2uFeFVY52ddlys8Ita2HYL1shV1s7f0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c64415dcfbbbb5-FRA
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-TylcHflE2uFeFVY52ddlys8Ita2HYL1shV1s7f0-~A
date: Sat, 19 Nov 2022 04:40:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 7D1B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
1 KB

49ms
32ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9778f31110e6d3df924df57aab56fc1a651e5ef88d18875567919d093882e6e

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76c644160b559090-FRA
content-encoding: br
content-type: text/html
date: Sat, 19 Nov 2022 04:40:07 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18iWGKI8AUEwshsxAv3YQbaEPOSnJH6lAzXhCuozM8LOtFDScOmrczm5RzMfg%2FEroRZ2hDH9nXPs%2B6h8ImCgJkypWGQaoc3z70A56RDpwAtYUbE4WMOg2KsYv4NnYkTxCTYMxUQz8dYnNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76c64415a81f9244-FRA
content-length: 0
date: Sat, 19 Nov 2022 04:40:07 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWUjEMzXs6DxrC6ZADnnJ9YAwvqdgW7jVZxhw8%2FmVc96v6vkmjoj6HgWoEgZlmsnWh1OxYF%2B42cByNnOs0ueJBfgV9kqyxnAPMP4UkMveiAZt3n6zrmFGUshWse1glz48XLjgxh5lUOWwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame C06C 0
0 58ms
13ms Document
text/plain 213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D27D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
554 B

37ms
7ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 19 Nov 2022 04:40:07 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 19 Nov 2022 04:40:07 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 045E 15 KB
6 KB 34ms
7ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74444
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 04:40:07 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 20 Nov 2022 01:20:51 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame C622 0
0 34ms
8ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 045E 3 KB
3 KB 195ms
16ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37053218&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9b17727eddd36e1bd5ef4fc0201ae58cfcc797f20a9835c9de3edbe85484cd6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 04:40:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7D1B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB&dcc=t

43 B
855 B

130ms
129ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FD4EHGBBPW5P6TQSDP6Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CREABBH5Y496SCFWMAJC
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7D1B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3heJ6OkZPSv9L4TuLpbfgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKc-Pq3Plv1Z_eFwCgQ96Ag&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKc-Pq3Plv1Z_eFwCgQ96Ag&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKc-Pq3Plv1Z_eFwCgQ96Ag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 7D1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH1fqh8ANOaBjjSgN9EAVkU&google_cver=1

43 B
848 B

45ms
45ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH1fqh8ANOaBjjSgN9EAVkU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owcgmtFK5KFKwQrHShTyRnaULKg3g%2Fkk9BeLi6nhKpAv98w4qjsxSM%2BUjSJDHwMGhVJNxqv4PB3Mkf4mJHeWjEORdDGDFIZsYSfjua7niJUHD%2BjE5fTwo3PaH4CEjcuL6IO7%2FZ9B%2FwejxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76c644172c039090-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH1fqh8ANOaBjjSgN9EAVkU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7D1B 70 B
265 B 107ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7D1B
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684471207&external_user_id=03a2ea92-fad9-4257-810f-30ffb48a2d38

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684471207&external_user_id=03a2ea92-fad9-4257-810f-30ffb48a2d38
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Sat, 19 Nov 2022 04:40:07 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684471207&external_user_id=03a2ea92-fad9-4257-810f-30ffb48a2d38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7D1B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=62536378-5e27-4f00-8a41-d113cfef3d0c

43 B
766 B

26ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=62536378-5e27-4f00-8a41-d113cfef3d0c
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Sat, 19 Nov 2022 04:40:07 GMT
Server: MT3 169 32252b7 master cdg-pixel-x34 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=62536378-5e27-4f00-8a41-d113cfef3d0c
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 19 Nov 2022 04:40:06 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7D1B
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2917598791516013547

43 B
766 B

44ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2917598791516013547
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
AN-X-Request-Uuid: 924848a3-a30c-4fe5-96c4-ae89dd62b304
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2917598791516013547
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7D1B
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=25n75djP_urAnPW_iZvh6d6S_-jAnKi7j5OJbv2_

43 B
766 B

53ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=25n75djP_urAnPW_iZvh6d6S_-jAnKi7j5OJbv2_
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Nov 2022 04:40:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=25n75djP_urAnPW_iZvh6d6S_-jAnKi7j5OJbv2_
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 7D1B 43 B
94 B 109ms
108ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Y3heJ6OkZPSv9L4TuLpbfgAABFEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c644164d6cbbb5-FRA
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D27D 34 KB
10 KB 7ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 63088459cdc3ca0401e4f47e6c13d3bac93568003c375f0a55dcff87e43d2e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 19 Nov 2022 04:40:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Nov 2022 08:05:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12340
Connection: keep-alive
Content-Length: 10070
Expires: Sat, 19 Nov 2022 08:05:47 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D27D 284 B
536 B 47ms
8ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 8305
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent=

35 B
468 B

21ms
19ms

Document
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sat, 19 Nov 2022 04:40:07 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sat, 19 Nov 2022 04:40:07 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6455
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8528085394414406462

42 B
292 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8528085394414406462
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 04:40:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8528085394414406462
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 145F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62536378-5e27-4f00-8a41-d113cfef3d0c&gdpr=0&gdpr_consent=

42 B
425 B

194ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62536378-5e27-4f00-8a41-d113cfef3d0c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 04:40:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 19 Nov 2022 04:40:07 GMT
Expires: Sat, 19 Nov 2022 04:40:06 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 169 32252b7 master cdg-pixel-x27 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62536378-5e27-4f00-8a41-d113cfef3d0c&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 11F2 43 B
363 B 397ms
16ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 04:40:06 GMT
expires: Sat, 19 Nov 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 460225
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 2DE9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=70D873BF-E45D-4394-ABF1-722DB16A56F2&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=70D873BF-E45D-4394-ABF1-722DB16A56F2&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

199ms
199ms

Document
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=70D873BF-E45D-4394-ABF1-722DB16A56F2&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 19 Nov 2022 04:40:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: YVDBVSMX27JHPKYQ25D9

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 19 Nov 2022 04:40:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=70D873BF-E45D-4394-ABF1-722DB16A56F2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 07K80AQ7J9F0Y8N8Z56N

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2509
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2917598791516013547&gdpr=0&gdpr_consent=

568 B
650 B

178ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2917598791516013547&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 04:40:06 GMT
server: nginx

Redirect headers

AN-X-Request-Uuid: 2f188317-7797-430f-ba4e-630c26e25185
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 19 Nov 2022 04:40:07 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2917598791516013547&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 setuid Show response
sync.quantumdex.io/ Frame FDCB 43 B
94 B 110ms
107ms Document
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=70D873BF-E45D-4394-ABF1-722DB16A56F2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76c64416fe2abbb5-FRA
content-length: 43
content-type: image/gif
date: Sat, 19 Nov 2022 04:40:07 GMT
server: cloudflare

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 045E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cNhzv-RdQ5Sr8XItsWpW8g%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

24ms
23ms

Image
text/html

88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=74444
accept-ranges: bytes
content-length: 5549
expires: Sun, 20 Nov 2022 01:20:51 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 045E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62536378-5e27-4f00-8a41-d113cfef3d0c

0
260 B

79ms
16ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62536378-5e27-4f00-8a41-d113cfef3d0c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 19 Nov 2022 04:40:07 GMT
Server: MT3 169 32252b7 master cdg-pixel-x32 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=62536378-5e27-4f00-8a41-d113cfef3d0c
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 19 Nov 2022 04:40:06 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 045E
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=70D873BF-E45D-4394-ABF1-722DB16A56F2&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

34ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 045E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzBEODczQkYtRTQ1RC00Mzk0LUFCRjEtNzIyREIxNkE1NkYy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

77ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 04:40:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 045E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfBLnSO6vu_nEhoes5HuOg&google_cver=1

42 B
397 B

78ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfBLnSO6vu_nEhoes5HuOg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 04:40:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfBLnSO6vu_nEhoes5HuOg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 045E 43 B
612 B 60ms
15ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 04:40:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 18 Nov 2022 04:40:07 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 045E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2130901063954444841

42 B
439 B

109ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2130901063954444841
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 19 Nov 2022 04:40:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2130901063954444841
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 045E 70 B
264 B 34ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Nov 2022 04:40:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file.io/	1970-01-20 17:09:52	Name: _ga Value: GA1.2.1290979078.1668832803
.file.io/	1970-01-20 07:35:19	Name: _gid Value: GA1.2.1724481961.1668832803
.file.io/	1970-01-20 07:33:52	Name: _gat Value: 1
.quantumdex.io/	1970-01-20 07:48:16	Name: uid Value: ce60cb62-aeaa-4cc6-bf10-7a6011ff8c96
.file.io/	1970-01-20 16:55:28	Name: __gads Value: ID=39723dbb92288291:T=1668832804:S=ALNI_MYwaab16LT9wlbVyx1GwS9xuIL8kA
.file.io/	1970-01-20 16:55:28	Name: __gpi Value: UID=00000b83f901be28:T=1668832804:RT=1668832804:S=ALNI_MbGQ_soEegHSbKM5RuuwF8U_yfpuA
.doubleclick.net/	1970-01-20 16:55:28	Name: IDE Value: AHWqTUmtoG_w4Qnm1ZIIsTVap54i2SAOF9mF1TraehdUfg5pQ5ahj7wa5tC_IV4LgKY
.doubleclick.net/	1970-01-20 07:33:56	Name: DSID Value: NO_DATA
.id5-sync.com/	1970-01-20 07:33:53	Name: cf Value:
.id5-sync.com/	1970-01-20 07:33:53	Name: cip Value:
.id5-sync.com/	1970-01-20 07:33:53	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:33:53	Name: car Value:
.id5-sync.com/	1970-01-20 07:33:53	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:33:53	Name: callback Value:
.ads.pubmatic.com/	1970-01-20 07:35:19	Name: KCCH Value: YES
.media.net/	1970-01-20 16:19:28	Name: data-pbs Value: setstatuscode~~1
.betweendigital.com/	1970-01-20 16:19:28	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 16:19:28	Name: tuuid Value: a2f72a6d-d774-5243-8570-2aa0e6087487
.betweendigital.com/	1970-01-20 16:19:28	Name: ss Value: 1
.adnxs.com/	1970-01-20 09:43:28	Name: uuid2 Value: 2917598791516013547
.yahoo.com/	1970-01-20 16:19:50	Name: A3 Value: d=AQABBCdeeGMCENFvT9CoVDcHPUZGBAiNHuEFEgEBAQGveWOCYwAAAAAA_eMAAA&S=AQAAAlWQNQbUm_42Hr_L3hEeXc4
.betweendigital.com/	1970-01-20 16:19:28	Name: ut Value: Y3heJwAFN_DBBRsVje8CABwu1CmZLiwo3iSc1w==
.analytics.yahoo.com/	1970-01-20 16:19:28	Name: IDSYNC Value: 192w~28dg
.casalemedia.com/	1970-01-20 16:19:28	Name: CMID Value: Y3heJ6OkZPSv9L4TuLpbfgAA
.casalemedia.com/	1970-01-20 09:43:28	Name: CMPS Value: 1105
.casalemedia.com/	1970-01-20 09:43:28	Name: CMPRO Value: 1105
.quantserve.com/	1970-01-20 09:43:28	Name: d Value: EBIBDQHOJ7jvsQA
.quantserve.com/	1970-01-20 17:04:07	Name: mc Value: 63785e27-69bd1-43835-6dfb9
.mathtag.com/	1970-01-20 16:59:48	Name: uuid Value: 62536378-5e27-4f00-8a41-d113cfef3d0c
.pubmatic.com/	1970-01-20 09:43:28	Name: KADUSERCOOKIE Value: 70D873BF-E45D-4394-ABF1-722DB16A56F2
.pubmatic.com/	1970-01-20 09:43:28	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 07:35:19	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 09:43:28	Name: DPSync3 Value: 1670025600%3A197_219_201%7C1668902400%3A174
.pubmatic.com/	1970-01-20 09:43:28	Name: SyncRTB3 Value: 1670025600%3A21_161_54_251_220_13_7_56_3%7C1670112000%3A35
.simpli.fi/	1970-01-20 16:20:55	Name: suid Value: 67DCCD38CB8643169F9BFA6D45927B1E
.onaudience.com/	1970-01-20 16:19:28	Name: cookie Value: a3e76c23ee7d0637
.onaudience.com/	1970-01-20 07:35:19	Name: done_redirects147 Value: 1
.adform.net/	1970-01-20 08:17:04	Name: C Value: 1
.de17a.com/	1970-01-20 16:12:16	Name: guid Value: 1.8528085394414406462
.adform.net/	1970-01-20 08:59:42	Name: uid Value: 2130901063954444841
.pubmatic.com/	1970-01-20 08:17:04	Name: SPugT Value: 1668832806
.pubmatic.com/	1970-01-20 09:43:28	Name: KRTBCOOKIE_80 Value: 22987-CAESEEfBLnSO6vu_nEhoes5HuOg&KRTB&16514-CAESEEfBLnSO6vu_nEhoes5HuOg&KRTB&23025-CAESEEfBLnSO6vu_nEhoes5HuOg&KRTB&23386-CAESEEfBLnSO6vu_nEhoes5HuOg
.company-target.com/	1970-01-20 17:09:52	Name: tuuid Value: 03a2ea92-fad9-4257-810f-30ffb48a2d38
.company-target.com/	1970-01-20 17:09:52	Name: tuuid_lu Value: 1668832807
.pubmatic.com/	1970-01-20 08:17:04	Name: KRTBCOOKIE_336 Value: 5844-8528085394414406462
.casalemedia.com/	1970-01-20 09:43:28	Name: CMTS Value: 5257
.pubmatic.com/	1970-01-20 08:17:04	Name: KRTBCOOKIE_391 Value: 22924-2130901063954444841&KRTB&23263-2130901063954444841
.pubmatic.com/	1970-01-20 09:43:28	Name: KRTBCOOKIE_27 Value: 16735-uid:62536378-5e27-4f00-8a41-d113cfef3d0c&KRTB&16736-uid:62536378-5e27-4f00-8a41-d113cfef3d0c&KRTB&23019-uid:62536378-5e27-4f00-8a41-d113cfef3d0c&KRTB&23208-uid:62536378-5e27-4f00-8a41-d113cfef3d0c
.pubmatic.com/	1970-01-20 08:17:04	Name: PugT Value: 1668832806
.disqus.com/	1970-01-20 16:19:28	Name: zeta-ssp-user-id Value: ua-471e57ff-ac16-3bbf-a57d-09c68d2c8a1a
.amazon-adsystem.com/	1970-01-20 17:09:52	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 12:56:26	Name: ad-id Value: A0A62Avz1E5vun6RfY3Gs4M

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2917598791516013547&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
bid.glass
c1.adform.net
cdn.ampproject.org
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
e3c022f1964b8eb3de746a3121080f0d.safeframe.googlesyndication.com
eus.rubiconproject.com
file.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbx.media.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.onaudience.com
prebid.a-mo.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssp.disqus.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.mathtag.com
sync.quantumdex.io
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
141.95.33.111
142.250.185.194
146.59.148.16
147.75.85.234
172.64.154.237
178.250.0.163
18.156.0.31
18.66.112.21
185.29.134.244
185.64.189.110
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.89.210.122
185.89.210.153
188.42.189.230
213.155.156.164
213.19.147.45
216.52.2.19
23.205.235.133
23.35.228.23
2600:9000:20eb:e600:1b:5138:8a40:93a1
2606:4700:10::6816:2560
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9a
3.33.220.150
3.74.96.248
34.199.85.163
34.233.226.104
34.91.62.186
34.96.71.22
37.157.4.24
51.38.120.206
52.46.151.131
52.95.115.255
64.20.35.44
69.173.144.139
72.251.249.14
88.221.168.201
96.16.141.156
09d12e35e82915179278a80395fae821ddbfae4ef7c1fa23b944a6a35542eb43
11e185c59e68173bb11c38327d38a40c91e9aff8d660c2c83e2e27ba20a604e8
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd
2d28bbba195ced5a1adf263a1077c9a9b4d1752a2bc2152abe41522fbcf262ce
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
63088459cdc3ca0401e4f47e6c13d3bac93568003c375f0a55dcff87e43d2e40
6420982539ff72de2168dedd03fc1f343944fd681667aa64dce336064dc26879
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5
6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834e26c905a82391b99ce6aca71364893d3b2b41dfca3ef89c5b298445163d18
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
8b35556698e4334e4bf32a5fdc75df1c85fa5a30891fe80593e269f109cf3139
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
99d500649dda1858b411e79b0ddbf72bc884b414dc2293ee2503ff6884128a40
9b17727eddd36e1bd5ef4fc0201ae58cfcc797f20a9835c9de3edbe85484cd6e
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9ceb17b76e0b5474ae4b8660522cd60467b1f33121aa5f0ff14503e8826c8c3a
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a7cbdc69d32cb6e6d6632e702e2b01e4c74d626033e9018cb2fec20b025a447e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3027e8f6294de12d58681da75e41ec4d9541b5ddc3ff7178d8980139844749d
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
ce0b791928e69822c986829aedb5dc76879a3ceec12866ea3b025220c3773d43
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9778f31110e6d3df924df57aab56fc1a651e5ef88d18875567919d093882e6e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
ec6d5a5b2870c8eafd9b757bddb1207380592474611b07fa97839c94a4667ff1
ed36418f7bd0d9e901adfdfbfc7d9b1ff41c623c04152c8d884c4d67efa634d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f

www.file.io Open in urlscan Pro 18.66.112.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

82 %HTTPS

30 %IPv6

37 Domains

55 Subdomains

38 IPs

11 Countries

1289 kBTransfer

3187 kBSize

52 Cookies

7 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file.io Open in urlscan Pro
18.66.112.21 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

82 %
HTTPS

30 %
IPv6

37
Domains

55
Subdomains

38
IPs

11
Countries

1289 kB
Transfer

3187 kB
Size

52
Cookies

106 HTTP transactions
2 data transactions