urlscan.io logo urlscan.io
SecurityTrails logo

www.file.io Open in urlscan Pro
18.66.112.123  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Submission: On January 08 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 11 countries across 66 domains to perform 404 HTTP transactions. The main IP is 18.66.112.123, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io. The Cisco Umbrella rank of the primary domain is 514180.
TLS certificate: Issued by Amazon on February 24th 2022. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 18.66.112.123 16509 (AMAZON-02)
3 151.139.128.10 20446 (STACKPATH...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
3 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 107.23.246.142 14618 (AMAZON-AES)
1 65.9.66.104 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 22 185.89.210.180 29990 (ASN-APPNEX)
5 72.34.250.78 27630 (AS-XFERNET)
23 35.157.246.167 16509 (AMAZON-02)
2 185.255.84.151 200271 (IGUANE-)
11 185.64.190.77 62713 (AS-PUBMATIC)
5 147.75.85.234 54825 (PACKET)
10 178.32.210.227 16276 (OVH)
8 34.240.26.227 16509 (AMAZON-02)
6 35.158.19.152 16509 (AMAZON-02)
8 3.124.23.197 16509 (AMAZON-02)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
10 3.225.232.73 14618 (AMAZON-AES)
4 18.232.237.173 14618 (AMAZON-AES)
4 69.16.175.10 20446 (STACKPATH...)
1 52.0.141.180 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 4 54.78.254.47 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 1 35.214.223.115 15169 (GOOGLE)
4 54.196.150.187 14618 (AMAZON-AES)
1 185.86.139.104 201081 (SMARTADSE...)
3 7 2.23.97.10 20940 (AKAMAI-ASN1)
1 1 213.19.147.45 26120 (RHYTHMONE)
1 132.226.63.138 31898 (ORACLE-BM...)
9 23.35.236.201 16625 (AKAMAI-AS)
1 216.52.2.19 30282 (AS-INAPCD...)
1 2 18.156.0.31 16509 (AMAZON-02)
1 1 96.16.141.156 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
1 82.145.213.8 39832 (NO-OPERA)
1 51.75.86.98 16276 (OVH)
2 3 198.148.27.139 19189 (PULSEPOINT)
3 3.123.244.55 16509 (AMAZON-02)
3 5 52.58.228.255 16509 (AMAZON-02)
1 52.202.176.118 14618 (AMAZON-AES)
1 104.111.217.42 16625 (AKAMAI-AS)
6 52.223.40.198 16509 (AMAZON-02)
5 10 142.250.186.34 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
1 198.47.127.19 3257 (GTT-BACKB...)
4 2a00:1450:400... 15169 (GOOGLE)
3 13.32.27.89 16509 (AMAZON-02)
12 76.223.111.18 16509 (AMAZON-02)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
3 2a02:2638:1::1a 44788 (ASN-CRITE...)
3 185.94.180.124 35220 (SPOTX-AMS)
6 213.19.147.42 3356 (LEVEL3)
2 52.50.247.181 16509 (AMAZON-02)
1 69.173.151.100 26667 (RUBICONPR...)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 185.29.132.241 30419 (MEDIAMATH...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 172.104.45.159 63949 (AKAMAI-AP...)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 3.71.169.66 16509 (AMAZON-02)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 4 3.124.199.76 16509 (AMAZON-02)
13 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.95.126.138 16509 (AMAZON-02)
2 4 69.173.144.139 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 3 209.54.182.161 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a02:2638::c 44788 (ASN-CRITE...)
2 2a02:2638::21 44788 (ASN-CRITE...)
4 162.19.138.119 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 18.134.84.15 16509 (AMAZON-02)
2 162.19.138.120 16276 (OVH)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2600:1901:0:8... 15169 (GOOGLE)
3 178.250.2.146 44788 (ASN-CRITE...)
7 23.203.124.180 16625 (AKAMAI-AS)
5 69.166.1.12 27630 (AS-XFERNET)
1 1 193.0.160.128 54312 (ROCKETFUEL)
404 92
42    18.66.112.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-123.fra56.r.cloudfront.net
www.file.io
3    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
hb.vntsm.com
1    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    107.23.246.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-246-142.compute-1.amazonaws.com
file.io
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
cdn.exelator.com
1    2600:9000:211a:ae00:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)
d1oykxszdrgjgl.cloudfront.net
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
17    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
22    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    72.34.250.78 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
23    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
web.ssp.yahoo.com
2    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
11    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
10    178.32.210.227 (France)

ASN16276 (OVH, FR)
PTR: ip227.ip-178-32-210.eu
prg.smartadserver.com
8    34.240.26.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
ad.360yield.com
6    35.158.19.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-19-152.eu-central-1.compute.amazonaws.com
tlx.3lift.com
8    3.124.23.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
6    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.aniview.com
player.aniview.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
2    2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
feed.avplayer.com
1    2a02:26f0:f700:4::212:4f15 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
10    3.225.232.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-232-73.compute-1.amazonaws.com
track1.aniview.com
4    18.232.237.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-237-173.compute-1.amazonaws.com
track1.avplayer.com
4    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
content1.avplayer.com
1    52.0.141.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-141-180.compute-1.amazonaws.com
go1.aniview.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
4    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
mydmp.exelator.com
load.exelator.com
loadm.exelator.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
26    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
4    54.196.150.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-150-187.compute-1.amazonaws.com
sync.aniview.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
7    2.23.97.10 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-10.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    132.226.63.138 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    3.123.244.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-244-55.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
5    52.58.228.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-228-255.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.202.176.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-176-118.compute-1.amazonaws.com
onsite-tag-logs.apps.nielsen.com
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
10    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    13.32.27.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-89.fra56.r.cloudfront.net
ib.3lift.com
12    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
6    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
2    52.50.247.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-247-181.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    172.104.45.159 (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1625-159.members.linode.com
a.c.appier.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    2a02:26f0:dc::6853:4bb (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sportradarserving.com
4    3.124.199.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-199-76.eu-central-1.compute.amazonaws.com
eu.sportradarserving.com
13    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d018:d29:3602:f84d:3d72:727e:650c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    18.134.84.15 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-15.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    23.203.124.180 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
Apex Domain
Subdomains		 Transfer
43 file.io
www.file.io — Cisco Umbrella Rank: 514180
file.io — Cisco Umbrella Rank: 397936
941 KB
39 googlesyndication.com
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
895 KB
29 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
acdn.adnxs.com — Cisco Umbrella Rank: 872
141 KB
27 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
252 KB
26 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1653
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
web.ssp.yahoo.com — Cisco Umbrella Rank: 4541
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
4 KB
21 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 11486
track1.aniview.com — Cisco Umbrella Rank: 2485
player.aniview.com — Cisco Umbrella Rank: 2548
go1.aniview.com — Cisco Umbrella Rank: 5987
sync.aniview.com — Cisco Umbrella Rank: 3349
250 KB
21 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 817
ib.3lift.com — Cisco Umbrella Rank: 2158
eb2.3lift.com — Cisco Umbrella Rank: 497
77 KB
21 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739
ads.pubmatic.com — Cisco Umbrella Rank: 741
image6.pubmatic.com — Cisco Umbrella Rank: 996
62 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
pix.eu.criteo.net — Cisco Umbrella Rank: 5392
csm.eu.criteo.net — Cisco Umbrella Rank: 5670
331 KB
15 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1267
eus.rubiconproject.com — Cisco Umbrella Rank: 832
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 6257
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1711
token.rubiconproject.com — Cisco Umbrella Rank: 858
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
15 KB
13 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9945
ads.eu.criteo.com — Cisco Umbrella Rank: 5530
bidder.criteo.com — Cisco Umbrella Rank: 834
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7363
gum.criteo.com — Cisco Umbrella Rank: 446
mug.criteo.com — Cisco Umbrella Rank: 1856
61 KB
11 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 16410
player.avplayer.com — Cisco Umbrella Rank: 11528
track1.avplayer.com — Cisco Umbrella Rank: 12913
content1.avplayer.com — Cisco Umbrella Rank: 16502
156 KB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1916
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085
5 KB
10 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 3282
sync.go.sonobi.com — Cisco Umbrella Rank: 1362
15 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
2 KB
8 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1648
1 KB
8 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 796
1 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 977
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
4 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 846
5 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7498
2 KB
6 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1193
475 B
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
2 KB
5 sportradarserving.com
creatives.sportradarserving.com — Cisco Umbrella Rank: 45021
eu.sportradarserving.com — Cisco Umbrella Rank: 38587
319 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1256
851 B
5 exelator.com
cdn.exelator.com — Cisco Umbrella Rank: 21165
mydmp.exelator.com — Cisco Umbrella Rank: 17514
load.exelator.com — Cisco Umbrella Rank: 7862
loadm.exelator.com — Cisco Umbrella Rank: 2377
12 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
192 KB
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 705
3 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 821
1 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 1851
73 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 27003
321 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1403
796 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 679
1 KB
2 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 33635
323 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4327
778 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2763
25 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2193
15 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1248
734 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 3009
247 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4816
532 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 5104
270 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
5 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
707 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1385
55 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7600
233 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15948
557 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5103
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1004
463 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 981
392 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1585
162 B
1 nielsen.com
onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 16690
264 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1963
414 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 983
304 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1743
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
243 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1202
314 B
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
42 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1937
944 B
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 37587
676 B
0 rlcdn.com Failed
api.rlcdn.com Failed
404 66
Domain Requested by
42 www.file.io www.file.io
hb.vntsm.com
d1oykxszdrgjgl.cloudfront.net
26 tpc.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
www.file.io
tpc.googlesyndication.com
22 ib.adnxs.com 1 redirects hb.vntsm.com
acdn.adnxs.com
20 c2shb.ssp.yahoo.com hb.vntsm.com
14 securepubads.g.doubleclick.net hb.vntsm.com
d1oykxszdrgjgl.cloudfront.net
www.file.io
13 static.criteo.net ads.eu.criteo.com
www.file.io
hb.vntsm.com
12 eb2.3lift.com www.file.io
d1oykxszdrgjgl.cloudfront.net
11 hbopenbid.pubmatic.com hb.vntsm.com
10 cm.g.doubleclick.net 5 redirects cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
eus.rubiconproject.com
10 track1.aniview.com www.file.io
player.aniview.com
10 prg.smartadserver.com hb.vntsm.com
9 ads.pubmatic.com www.file.io
d1oykxszdrgjgl.cloudfront.net
8 pagead2.googlesyndication.com hb.vntsm.com
tpc.googlesyndication.com
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
www.file.io
8 btlr.sharethrough.com hb.vntsm.com
8 ad.360yield.com hb.vntsm.com
7 acdn.adnxs.com d1oykxszdrgjgl.cloudfront.net
7 ads.stickyadstv.com 3 redirects www.file.io
hb.vntsm.com
7 mc.yandex.com 3 redirects www.file.io
6 targeting.unrulymedia.com hb.vntsm.com
6 match.adsrvr.org eus.rubiconproject.com
hb.vntsm.com
6 tlx.3lift.com hb.vntsm.com
www.file.io
5 sync.go.sonobi.com
5 pix.eu.criteo.net ads.eu.criteo.com
5 x.bidswitch.net 3 redirects
5 www.google.com 1 redirects d1oykxszdrgjgl.cloudfront.net
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
5 player.aniview.com www.file.io
5 cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
5 prebid.a-mo.net hb.vntsm.com
5 apex.go.sonobi.com hb.vntsm.com
4 gum.criteo.com 2 redirects d1oykxszdrgjgl.cloudfront.net
4 id5-sync.com hb.vntsm.com
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
4 token.rubiconproject.com 4 redirects
4 eu.sportradarserving.com 1 redirects www.file.io
4 www.googletagservices.com d1oykxszdrgjgl.cloudfront.net
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
4 sync.aniview.com www.file.io
4 content1.avplayer.com www.file.io
4 track1.avplayer.com www.file.io
3 mug.criteo.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 search.spotxchange.com hb.vntsm.com
3 bidder.criteo.com hb.vntsm.com
3 ib.3lift.com www.file.io
3 optimized-by.rubiconproject.com d1oykxszdrgjgl.cloudfront.net
3 web.ssp.yahoo.com d1oykxszdrgjgl.cloudfront.net
3 bh.contextweb.com 2 redirects
3 adservice.google.com d1oykxszdrgjgl.cloudfront.net
3 adservice.google.de d1oykxszdrgjgl.cloudfront.net
3 www.google-analytics.com www.file.io
www.google-analytics.com
3 mc.yandex.ru 2 redirects hb.vntsm.com
3 hb.vntsm.com www.file.io
hb.vntsm.com
2 lb.eu-1-id5-sync.com hb.vntsm.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 sync.mathtag.com 2 redirects
2 googleads.g.doubleclick.net cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
2 track.venatusmedia.com hb.vntsm.com
2 eus.rubiconproject.com www.file.io
eus.rubiconproject.com
2 ups.analytics.yahoo.com 1 redirects www.file.io
2 mydmp.exelator.com 1 redirects
2 feed.avplayer.com hb.vntsm.com
2 hb-api.omnitagjs.com hb.vntsm.com
2 script.4dex.io d1oykxszdrgjgl.cloudfront.net
2 i.clean.gg hb.vntsm.com
1 p.rfihub.com 1 redirects
1 lexicon.33across.com hb.vntsm.com
1 1f2e7.v.fwmrm.net 1 redirects
1 id.hadron.ad.gt hb.vntsm.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 creatives.sportradarserving.com www.file.io
1 cs.emxdgt.com cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
1 dsp.adkernel.com cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 s.tribalfusion.com cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
1 cms.quantserve.com cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 ads.eu.criteo.com cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com www.file.io
1 image6.pubmatic.com ads.pubmatic.com
1 analytics.twitter.com
1 loadm.exelator.com
1 load.exelator.com
1 sync.teads.tv
1 onsite-tag-logs.apps.nielsen.com cdn.exelator.com
1 onetag-sys.com www.file.io
1 t.adx.opera.com www.file.io
1 u.openx.net www.file.io
1 secure-assets.rubiconproject.com 1 redirects
1 ap.lijit.com www.file.io
1 sync.technoratimedia.com www.file.io
1 sync.1rx.io 1 redirects
1 ssbsync.smartadserver.com www.file.io
1 csync.loopme.me 1 redirects
1 go1.aniview.com hb.vntsm.com
1 player.avplayer.com d1oykxszdrgjgl.cloudfront.net
1 tg1.aniview.com d1oykxszdrgjgl.cloudfront.net
1 stats.g.doubleclick.net www.google-analytics.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 cdn.exelator.com hb.vntsm.com
1 file.io www.file.io
1 ad-delivery.net hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
0 api.rlcdn.com Failed hb.vntsm.com
404 108

This site contains links to these domains. Also see Links.

Domain
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com
Subject Issuer Validity Valid
*.file.io
Amazon		 2022-02-24 -
2023-03-25		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-06		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.exelator.com
Amazon		 2022-11-09 -
2023-12-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2022-12-01 -
2023-03-01		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-11-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
outstreamedia.com
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
onsite-tag-logs.apps.nielsen.com
Amazon		 2022-05-09 -
2023-06-07		 a year crt.sh
teads.tv
R3		 2023-01-05 -
2023-04-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.venatusmedia.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
tracker.ads.sportradar.com
R3		 2022-11-23 -
2023-02-21		 3 months crt.sh
*.sportradarserving.com
Entrust Certification Authority - L1K		 2022-09-30 -
2023-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-12-21 -
2023-03-21		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh

This page contains 54 frames:

Primary Page: https://www.file.io/y9ow/download/B6DsLalNndDE
Frame ID: 54004DAB52A8B008A1EF4E5A561E2152
Requests: 248 HTTP requests in this frame

Frame: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 060A6AD8F4226CE9BAF657F9BBCACDFB
Requests: 1 HTTP requests in this frame

Frame: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4B085C0B3734265D17101E53EA4136A
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: 8BB2845F484158122FE7D92D75FB79C5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A84924BE8112BE8D346A0E72ADAC3C02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DE4CFD6377491E8A99B5151D81C9DC0
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=56&pid=5f2063121d82c82557194737&key=9f62bbb6-25eb-4850-b475-0c03c7f32965&gdpr_consent=null&gdpr=1
Frame ID: 04D009E20D1B4F676C6AFD51650CC0D0
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: B938B7EDE20749C9D7CE7C1BF0508FD3
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1b971479da7698b4c2da3070e7b73d&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 5FDA04668012352153E63F7949050CC9
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: D06C86571AB2B910DE87F225AE7B5BE6
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=200&key=OPTOUT
Frame ID: C85BD618B7C8E68275B8E8347169B6E2
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1673216390902-930099590237-006468-011-008621&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: A69C12E7FF438F7F141D7BA9521774DD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D1%26key%3D
Frame ID: 33E970C5D64C1AE9632483D8C4482705
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D18%26key%3D%24UID
Frame ID: 3F685E2824A4FC07E0E209BEBC71D441
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: DB94EEEDDC7B9ACB55DEFE79AAA2CADF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 18E07E4DFE6374C22D5435FB70F0C482
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D23%26key%3D
Frame ID: 210D13D17407A2995F14DD2E09CC9F3E
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Frame ID: 8F91238561758C9C75259CA638C7C03D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: A464BDB4ED9960E76BB7E21CE9AFF17B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=10&pid=59c9148628a0612da3689288&key=8FReHXdeqNis&ev=1&us_privacy=1---&pid=562704
Frame ID: D51E6865F21056B1933F67186F0D6277
Requests: 1 HTTP requests in this frame

Frame: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FAAD28C0B16178A02AAD7686F8BB9A16
Requests: 10 HTTP requests in this frame

Frame: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8FB94EC565A70361139A22DDDFF035B0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7EOGsM7k1wVRFLTQXoaoq5HBo7VdUFvChZaBfHrAI3ov9edkTggkv5PVQ0VENsIUDSt22HcztQ6IMA0Ot2jt0SQ4s89xQd0wVRKLCGxoFwXlMXTGZ3WTmDPj4L0zxwlYQtCjdZwHDLrzC03wLSINtH4N_oWvTK8Ocgy0mrZ5wj5DtdKRuq--A2zHFcbGvJvnQ1cYLU4JegC7xkhSbLFA6FlHUet1LCGR_SIzn86PnlN5HEwNsGDBqDh1yv6yRyQ3pxW37s6PD9TsRUrpwyKZRB3P81RVJ43q85KO-wYAUqRTk0ChAtYafuIw3fqW9x7PMvNg--N-IaNAslrjru0U5y32x5E028Z_Lrb_ZgIwNwhdp80XJRv6j5MYB5DY&sai=AMfl-YQqqUpWxRuwms4-X2yh6t1qTgDO6nYGK8q8iekkxELwPQdKKFjeKY0cGZWm-qZhZAcO56tBWxDI-o88rkj7hSqFoTBPP7PtpW1erfNTaQuAZ6YBlFk7Ea8ih5vEV_2Fmw&sig=Cg0ArKJSzOuuspHRDntHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0C6C771A3978764700B44EEF05B7A7B3
Requests: 3 HTTP requests in this frame

Frame: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Frame ID: 6F64EF14B7794C59F5BDC9E40E6BDAAC
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Frame ID: B0433F7887AFB575526EC5C270C48F56
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3ECFB4503360606FFF93AACCA601F293
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Frame ID: 9311181EE828CF7D3D381EB0CBE19AFE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BECB3273C50F9E3431565CD4D0C1AF9E
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: A386C8DD78A37022B7B2CAEFE352204B
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sportradarserving.com/b98f1ab2-f5e3-4ac1-a78c-7252e503f599/970x250.gif
Frame ID: F9CD7AE0E7B170D30C7AB8D591E34BD6
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=53298
Frame ID: 72C5BE48942B37F0F391ECD4E0F34358
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: F2470A7F117C976B07B0BD4C2E8564A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: B15106622CCB5D5C2D86F074C4B5AC40
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: 2E9B3215B6E43EA01264ADCDF558DDAE
Requests: 1 HTTP requests in this frame

Frame: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3329C62AA1E4101323690C2F8D82FDB6
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1E6641DEB809A900D242E6E6E82C1868
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 429E376F32B8FEB03F7DED11E33C6A64
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3B5ED4A678817BAB72E612BC26A63B57
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 534C6A63ACD18AB6ED6573EEC16A7A55
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F6D7BB0D260AFEE27D70F9AA3A863C8A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 46B1357F2211E25B1FBC7108CB86F874
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 853D9CDE8F148E9750CC28E90F8F1D69
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD4A412D08E48A1F42D85F7997BC6B52
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FF1A1C8283DD8371F4D51300795BE404
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8DDFC1ACD7F6E0E10DE0D9F27A06ED82
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 780667B0445F87CD013A8815257991EB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 91FDB243692E67BD09D9421CACF77754
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F092C42766A800100838712C03BA49B3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: D9FBC448305ACB64C2647F26D1D4E70C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 7044D6B86D64BAA3A065843E358F21A1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 99F06DC6662E3987B96FA61E9952EEF2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A6643F23AC63C099CE2D7C634DB517BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Frame ID: 3DCE626128BB43625679D22F0968E54C
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.file.io
Frame ID: A2F606D3F48D979A360F00BEE8269048
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Error | file.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

404
Requests

93 %
HTTPS

34 %
IPv6

66
Domains

108
Subdomains

92
IPs

11
Countries

4233 kB
Transfer

16591 kB
Size

86
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9877.xWD9lG1YfgAxWH-UytP8AeS7ft0_o0c2FHdJDCZkr7uOL0TN2M_fGvX_42GhcjD1.EfoU0azVqm9NjLgasfhNnjHG0tc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9877.W32v64kH74yVzvOFiSgDEQO57EjRUdS-dGa6qLAy7yNQY-JjI0e9or6Ym1wwLkxVEH_uJxv4IjTHDWJFpOHBnzPsk9mAUz5DoGoAjNX7mBE%2C.GOFV5XTR3jBUUztD6xVsZCChw4w%2C
Request Chain 35
  • https://mc.yandex.com/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1124%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1283852321386%3Ahid%3A27664885%3Az%3A0%3Ai%3A20230108221949%3Aet%3A1673216389%3Ac%3A1%3Arn%3A744124090%3Arqn%3A1%3Au%3A1673216389688071306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C17%2C447%2C626%2C%2C0%2C%2C3%2C0%2C%2C%2C%2C1109%3Aco%3A0%3Acpf%3A1%3Ans%3A1673216388103%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673216390%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1124%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1283852321386%3Ahid%3A27664885%3Az%3A0%3Ai%3A20230108221949%3Aet%3A1673216389%3Ac%3A1%3Arn%3A744124090%3Arqn%3A1%3Au%3A1673216389688071306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C17%2C447%2C626%2C%2C0%2C%2C3%2C0%2C%2C%2C%2C1109%3Aco%3A0%3Acpf%3A1%3Ans%3A1673216388103%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673216390%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 40
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9877.wnXuWTwLstYkflL0EYwFtVuAH7vFywUCO1e_Afdg1t2M_IBUKcyeJ9pWHXnH-nyu.qrlvsLBOWk8IpBk3UUmVOWwuRq8%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9877.GRvzOWOYWfCKOvzE_DCuryjfqcnvZ2wqQHFEBfjmPLnBL2rskeSZ-GJd5Yuw1gCkiz-Y2M6jQ-FvoYFqFyPoBpbsoiWGQO_IAL2IJIcB2Mo%2C.ZZ6LJVKvgH2mm5OVSZATmYPw7cc%2C
Request Chain 144
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d HTTP 307
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Request Chain 151
  • https://csync.loopme.me/?pubid=&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D56%26pid%3D5f2063121d82c82557194737%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=56&pid=5f2063121d82c82557194737&key=9f62bbb6-25eb-4850-b475-0c03c7f32965&gdpr_consent=null&gdpr=1
Request Chain 153
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1b971479da7698b4c2da3070e7b73d&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 155
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=200&key=OPTOUT
Request Chain 160
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 164
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=10&pid=59c9148628a0612da3689288&key=8FReHXdeqNis&ev=1&us_privacy=1---&pid=562704
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MjBjYzQ1MTllMjUyYjJhY2Y3MzlhNjY5ZjQ0NTEzOTk&&google_redir=https://load.exelator.com/load/?p=204&g=109 HTTP 302
  • https://load.exelator.com/load/?p=204&g=109
Request Chain 179
  • https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=013&bi=4709937452655253906&j=0
Request Chain 218
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHUDMdJ7CZ7Ve7QAtyvBwfI&google_cver=1&google_push=AavPq0OEIEpseeMfzOmZ94qoX3gmXLV66gfc2cvkiN-Zf89iqK23jgfQXbfvc8EhMmxyMK_EVRXbFgQNIxL2oKxg8xmvbNXe4xY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OEIEpseeMfzOmZ94qoX3gmXLV66gfc2cvkiN-Zf89iqK23jgfQXbfvc8EhMmxyMK_EVRXbFgQNIxL2oKxg8xmvbNXe4xY
Request Chain 219
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGoGieYbGRieBGPKPSHJsbc&google_cver=1&google_push=AavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoGieYbGRieBGPKPSHJsbc&google_cver=1&google_push=AavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 220
  • https://a.c.appier.net/gcm?google_gid=CAESEO9fkx6cLDJYA9dMBKweBC8&google_cver=1&google_push=AavPq0NKlk6IqzrK-ugTPSFAqcLa-56lPT4AxBBR0ltOivIl4KTTw9dfZV_w96KGS3kHo05HlN73_PGb8z-72Ykx25ipCYmxZAqy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bl95aHVaZlNBMjZrNG15TWlFRzdZdw%3D%3D&google_push=AavPq0NKlk6IqzrK-ugTPSFAqcLa-56lPT4AxBBR0ltOivIl4KTTw9dfZV_w96KGS3kHo05HlN73_PGb8z-72Ykx25ipCYmxZAqy
Request Chain 232
  • https://eu.sportradarserving.com/content/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfujNRNG3zKNrbfpwYPcf7FfT3fn7vopsjFfboV5Xa9n6GYA1eMn2EqVYG4vkiVjS-zUyxLqd3jLibUZHZx9_5nrQTe3yla8c_rUcK4sZpqdkj2864aMRrymiDn8l-rGW11cJasXMepR-qdhOF6KOS9fkDAlDWudgP9nyGftHEgHIRGa_y9rtU3ylZtECWxPmBX1nSfH6-5uvRgTbxPvJL4gTOMoKfE3LODYjkfDQX7cSKN0QtbsDn22ZlsXe8W4Fbaa1Mdiy8Rn12TDk5c1ZxKSAkIdP3eLyD6xkGGJa0wihsHI2NyHiz6ARm_bTK-jaxkQWpUA1QF2tTfQb1qTh1w90m7bPo_kl9maI5QaMX7aNIt45KIFq3pN8kVUk6RG2YPdYLuVWAM8cdlLPMG6jf1qmYjal3c77Eqe5rZ6L5ms1G0IOQCzwA3V0mW35o_uB_exF98hL7Xqy03XXAY_ECko3tWYPYlUwQiDGe3sKoOn9oMPkgRdV6FKOHSbYsJeHMjPSw5gs6koEEjXcNWQWaRTdyyhOzYMl50v7OCIspbTCtsqSUGf7Ad_tYOF9hRvTiAjsoJUoVMvHDuXfiqrf8GX8w5orR9q0BTuLONkRBF21ZznqpHBXVK6FgVfjI-V4YrjNo83ssBGTINo1M64h6Glst9pdZ7FHlnLK_Xcjt1Nh7dH5UWPz4N4SFfoHabd-sJNgt3KAxDgUd9cJsvF8k2LBLrHofrfIY0E2CQOpnt3nh84I808XcuK6nMS75raSNFBZVmXng4aixKRuG1USDQ7nxXzdQ4oqRWEmSjtm7rE0q1a_SdCCH5PftzKgdVAP0paprwpcDcAwCU8sRijntQjtfFCQIIOUZ1GzeQKqNouSAHnmn5TQUtFM7fhoAPt8WGJtPl8cQ-i4G8URpqQ/ HTTP 302
  • https://eu.sportradarserving.com/ul_cb/content/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfujNRNG3zKNrbfpwYPcf7FfT3fn7vopsjFfboV5Xa9n6GYA1eMn2EqVYG4vkiVjS-zUyxLqd3jLibUZHZx9_5nrQTe3yla8c_rUcK4sZpqdkj2864aMRrymiDn8l-rGW11cJasXMepR-qdhOF6KOS9fkDAlDWudgP9nyGftHEgHIRGa_y9rtU3ylZtECWxPmBX1nSfH6-5uvRgTbxPvJL4gTOMoKfE3LODYjkfDQX7cSKN0QtbsDn22ZlsXe8W4Fbaa1Mdiy8Rn12TDk5c1ZxKSAkIdP3eLyD6xkGGJa0wihsHI2NyHiz6ARm_bTK-jaxkQWpUA1QF2tTfQb1qTh1w90m7bPo_kl9maI5QaMX7aNIt45KIFq3pN8kVUk6RG2YPdYLuVWAM8cdlLPMG6jf1qmYjal3c77Eqe5rZ6L5ms1G0IOQCzwA3V0mW35o_uB_exF98hL7Xqy03XXAY_ECko3tWYPYlUwQiDGe3sKoOn9oMPkgRdV6FKOHSbYsJeHMjPSw5gs6koEEjXcNWQWaRTdyyhOzYMl50v7OCIspbTCtsqSUGf7Ad_tYOF9hRvTiAjsoJUoVMvHDuXfiqrf8GX8w5orR9q0BTuLONkRBF21ZznqpHBXVK6FgVfjI-V4YrjNo83ssBGTINo1M64h6Glst9pdZ7FHlnLK_Xcjt1Nh7dH5UWPz4N4SFfoHabd-sJNgt3KAxDgUd9cJsvF8k2LBLrHofrfIY0E2CQOpnt3nh84I808XcuK6nMS75raSNFBZVmXng4aixKRuG1USDQ7nxXzdQ4oqRWEmSjtm7rE0q1a_SdCCH5PftzKgdVAP0paprwpcDcAwCU8sRijntQjtfFCQIIOUZ1GzeQKqNouSAHnmn5TQUtFM7fhoAPt8WGJtPl8cQ-i4G8URpqQ/
Request Chain 241
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCNXU68Y-14-JTJN
Request Chain 242
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T063aLPRTE-LeBK_6sj1sA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T063aLPRTE-LeBK_6sj1sA
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK22owvq9tnKOg4WwWz1wDc&google_cver=1
Request Chain 244
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WosyHfyUDz5g-J0-vvYhnsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bYS3lWpE2oJkEg_dumELQowLEPHYhwosuNhcFA--~A
Request Chain 245
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI0ZjAyY2JkNzFjZGMzZTIyYWE0NGMzZDIyNmEwODk2ZGM0MDkwOQ
Request Chain 246
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sGv5UeoISa6jeLJP1YR7qg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sGv5UeoISa6jeLJP1YR7qg
Request Chain 247
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENOWFU2OFktMTQtSlRKTg==
Request Chain 268
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 316
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b1014b44d513bcae9c0d9ff4d97d5db&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2703_7186409682771570967&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 340
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HFDaSHxyOExQdERYL0MzTXF5UlphdXZIL054YjVGZGxZM3VzbFNGRWZ3S3VPUytXbTU1cyt3T0NiYlhwOW5wV1U5eVo5c09ic29wOVl5VlB5ais2R1EyNUJQOE1SSFptTnJmOUFsVWRYQTgrUUhKbHgxTFFLZzJlV2RwdWNCaVJRU1BLSUdxay9jMlN1VXpqTFA5SFlNVmc4RjJTL0xsbFFIamNTV3Y5N2xGNGxaVWhBeHNjWE5VVHRrYVZ2QmJ5eFpVQmRyUER1dll1M1ZjUXJ2MTJCT1dMei9PRmx4Tzg1d2lzWERKL0M5OHhwNDBWVzJUVHVRVGJEOU4xRDcvMGx2S2cvfA&cppv=2
Request Chain 363
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-p0ip3OZE2uEc_H2yu8dljBUTKyjKo7VYUv_1.FA-~A
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Mzk2ZDU4OTItYTc2OC00MzQwLTg4M2EtMmJiOTAxMzhiMTRj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOvCgWVmaIOYTygxwUJHKi8&google_cver=1
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=dd559210-d150-4357-aa82-bb816a971c38&google_hm=ZGQ1NTkyMTAtZDE1MC00MzU3LWFhODItYmI4MTZhOTcxYzM4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC2NLYtx6fA6_cV0HYyMILQ&google_cver=1&ssp=sonobi&bsw_param=dd559210-d150-4357-aa82-bb816a971c38 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dd559210-d150-4357-aa82-bb816a971c38
Request Chain 366
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523736712215
Request Chain 368
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=396d5892-a768-4340-883a-2bb90138b14c&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RDhaZl9seWpqNjgyS3BYcGtxQzRSUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEICa61Pmf4oQotmU9IRCaPA&google_cver=1
Request Chain 369
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ca8163bb-4188-4a00-a79c-5c36fafc315a
Request Chain 417
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=file.io&sn=ChromeSyncframe&so=3&topUrl=www.file.io&bundle=N7e-HF9OZzRmZk5DUjBOYUpCRnc4dFROYkhRREE4TUEyQVlzOXl1cG5YRWtLdmprJTJCWmNtQkhMOEcwbnBJRTdrMTMyQlZHbkx4ekJqVHdlVEFVdnVXemhSUWxTOEZrRUdJeExtMVolMkJWc2pXOVFCeTglM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=UGLAF3xaeUtZQ0tCS2gwSExUU3htMGt3TUNGMGpWa2V2QTdqUSs5Zk1meGtHMVl0ZG85MG1KelA0L0lha0h2QWlVTXh1Zjg3cGhteEV1ZEY5RHdSVENGWlBUNEZZVHdaSDIyNTB1aWwyWEtQaFdUM3ZSajJwNnZLU0lHMkRwSGJQSkVEeFBGVXIvNjZHWDlpV3dZdjdhRDIzUlFCMzFKYi9BR1ZjSDFYdGxqQXAvOWNGZEo0VE1Ob0gzWVBiUm1HUi8wVS9tL0djUW9BZkt5Mi96Vm8xYVpveDZYS3pSNDFWY1hBRVVIdkRxY2UycXh4YTkrVWdYYzNnMkdaNEtGNzFKbVQ1NWpFK1poT3c5cU14WnpYa3RSaWlwaktZeGtBY2lmM3R5QUV2T0hRVzVQMD18&cppv=2

404 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request B6DsLalNndDE
www.file.io/y9ow/download/ 		312 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adb2e9e059ded06e4d90112e3e0e740d59b3f76c3663f35f95062dceb12f4e12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html
date
Sun, 08 Jan 2023 22:19:49 GMT
etag
W/"e53eb144f4ea9c80749b7d99ed18bd9c"
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-id
B4iPv3kZNo2jbY5uzUQ21tpPeIK6k8S3BSE1TAmZIrANbTtNnIdFzQ==
x-amz-cf-pop
FRA56-P5
x-amz-id-2
cAiqltJaCpdyNx1hZ8IL1bSkl/H8S9lHM0teQAIcHWKlkMXf6cM285Unqja6iefckP2kyM2NZOrqtqnx8b1zFw==
x-amz-request-id
94J33G123KN7XGHM
x-cache
Miss from cloudfront
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
314 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
d24f66c7f0655cd06636a64eff59ddf8bfe30701ca9c6cda5d4b19415ec4c8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:48 GMT
Content-Encoding
gzip
Venatus-CDN-HB-Rule-Version
1.1
X-IP
138.199.38.133
Connection
keep-alive
Content-Length
320224
x-sp-metadata
HS256.CJSf7Z0GEokBCiQ5OWMyZDc2MC05YzI3LTQ2NTMtOTRmNy02MmNmZDE2ODExOGIQyP251qKI/AIaBgiEg+2dBiIOMTM4LjE5OS4zOC4xMzMoqMMCMAI4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ2OWQyZmY2OS1mZmExLTQ1MmYtYTEyZi01NzU0YzkyMzY1ODEY4MUTIhgIAhIUY2RzMTMxLmZyOC5od2Nkbi5uZXQ=.0K9lcyjFi7QgyO2zh+DluSwswfFdGVOgOdFMficKrqg=
Last-Modified
Tue, 03 Jan 2023 11:49:47 GMT
ETag
"535f1c109cb4e576b821c84c122b0f21"
X-HW
1673216388.cds207.fr8.hn,1673216388.cds131.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo, Content-Type,x-bl,x-geo-subdivision
Cache-Control
max-age=413
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
X-Geo
DE
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
BunnyCDN-IL1-1029 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Access-Control-Allow-Headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Type
application/octet-stream
Date
Sun, 08 Jan 2023 22:19:48 GMT
Server
BunnyCDN-IL1-1029
Transfer-Encoding
chunked
X-HW
1673216388.cds234.fr8.hn,1673216388.cds234.fr8.sl
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
US
cdn-requestid
8ceb7aabffaa6d6fa150527a5c4bcaf8
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
x-bl
0 0
content.html
hb.vntsm.io/ 		32 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:48 GMT
cf-cache-status
HIT
x-amz-request-id
G7D5RA28J3R39DY0
age
4751
content-length
32
x-amz-id-2
VjGrgXO71XOSivEFmpXSVxIKqp/FYDN65v6nxu+AFiYsFyq10fzBA4fZEF0EAPnijiiGvOOwuqA=
geo
DE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7868511e2913909c-FRA
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/ 		39 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
BunnyCDN-IL1-1029 /
Resource Hash
aa92025db7d6e619e6251e77dd26f5266bd18bdb3cd110b06b4ac6250762dc92

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
ref_url
aHR0cHM6Ly93d3cuZmlsZS5pby95OW93L2Rvd25sb2FkL0I2RHNMYWxObmRERQ==

Response headers

Date
Sun, 08 Jan 2023 22:19:48 GMT
Content-Encoding
br
cdn-edgestorageid
940
Transfer-Encoding
chunked
cdn-cachedat
01/04/2023 15:38:21
cdn-pullzone
131999
Connection
keep-alive
Last-Modified
Fri, 09 Dec 2022 15:41:50 GMT
Server
BunnyCDN-IL1-1029
cdn-proxyver
1.03
cdn-requestpullcode
200
ETag
W/"f22a972c9769c5941b943c4fab8a0755"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
Access-Control-Expose-Headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Access-Control-Allow-Credentials
true
x-bl
0, 0
Cache-Control
public, max-age=86400
cdn-requestid
9226fee618dc9d1c41558c814b1980c9
X-HW
1673216388.cds234.fr8.hn,1673216389.cds234.fr8.sl
cdn-requestcountrycode
US
Access-Control-Allow-Headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
tag.js
mc.yandex.ru/metrika/ 		211 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-12019"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73753
expires
Sun, 08 Jan 2023 23:19:49 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Jan 2023 21:50:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1752
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 08 Jan 2023 23:50:37 GMT
app-94ab6235bc4552ec45d3.js
www.file.io/ 		651 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/app-94ab6235bc4552ec45d3.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:04:30 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:39 GMT
server
AmazonS3
x-amz-request-id
WG8TC30PM7K3MQ7P
x-amz-cf-pop
FRA56-P5
etag
W/"d5b96f90610fd0e66fccb62435e7f262"
age
3186919
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
IL650MdL3dQhD1SVOcYkwy7nlYZScaO5DKqv6lNqBHYcu1YQL1CkiQ==
x-amz-id-2
pIflAuFAl9+iCQqywFF+PSZ5rngD2n+Ag7dutf++VlgY6jdV9rXshAesjGSO2m2eb52x74mB0tI=
0eceb729-761e2b4090024f08e2ca.js
www.file.io/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 00:23:25 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
ZRS7J8K7CE9TZ6GR
x-amz-cf-pop
FRA56-P5
etag
W/"d8fa3e295945b4065c7adabadd2be99b"
age
3534985
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
WW6wRdubVAL8K1ycQrH_F0w_xmptJk-LBJEDP3VH4Hk40tE0VxE08Q==
x-amz-id-2
800sUJ5xZ2X7hZgrSNMU5GTe6ONlrqnKD78IDaqXA7iUH4yksaNuuP+GHNgl0AZ4b+YDt7HL238=
d6a9949e-4e9c210da2d83a376ddb.js
www.file.io/ 		51 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 00:47:27 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
AJ19VKYME2G66BA4
x-amz-cf-pop
FRA56-P5
etag
W/"2feda6389a53a29ad5102ef7918752f6"
age
3274343
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
O0sugfk2qaKRIAkfzqK9c1jXF4-6QfvzD-UgTfQjCOUxvXo0eMXLhw==
x-amz-id-2
v5REDSDIVSrhgImA/z6tyKukPXTJalFiPWbfJuFJyaHXdlZmNy/0TXyW7d4I+lzivbtuUoo3ndg=
e82996df-3c73e38611643c5bb219.js
www.file.io/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 00:37:34 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
0PBSXFH02D0G33K1
x-amz-cf-pop
FRA56-P5
etag
W/"785aafc2bda0f767992456b4ba1b0627"
age
2583736
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
hk0-Sh98Xl7-oZm0Mvqce2Zqnd3Yanad4ebFBSesTZrljabyLAyvGQ==
x-amz-id-2
dwLWQTPZWos46TVQtFuwPYI5kCpsgShzomChSdNTuNk7mAuroHi/xbBeKgFPIm9siyRbvwvI8wI=
framework-8fce40ee519418a713c9.js
www.file.io/ 		145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 01:18:30 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
x-amz-request-id
E5YBDK1PNVEFSGW7
x-amz-cf-pop
FRA56-P5
etag
W/"c4a5f7717ceee6ea81514ff62873ada9"
age
75680
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
rqxKfhzFdPT2GPlp6pleh8PAniFRfVNC3Xq8NtLujWOe2FKu9Nv27g==
x-amz-id-2
MOGgScAN0cGtS39aS2P+Mnpc7xNscVFJ4wzlDN9PnEpo9MU9jcq+EwlOj4gfIZIlPeJjJ1onTjhD0+UnIAwimQ==
webpack-runtime-e85adc3f73c70220e1cc.js
www.file.io/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:11:00 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:47 GMT
server
AmazonS3
x-amz-request-id
8H22GD8HC73B1FT0
x-amz-cf-pop
FRA56-P5
etag
W/"a0b7944440774d5a3e8f33e901ae323f"
age
328130
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
5K344GDLp_V4DqZtVrnWVlvvNf9BsFIqMf6LlHL5TPGXK7MZs7wA_g==
x-amz-id-2
4jstbOo0t8fyCfrrK8ZjnWtVd7vYVx7KoOeXhOzahULTWj0NuMDxIuxH887FzRSxKeTgg8eQu2w=
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 02:09:51 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:47 GMT
server
AmazonS3
x-amz-request-id
F85MB0GAF45FXG3Q
x-amz-cf-pop
FRA56-P5
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
age
2837399
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
324864
x-amz-id-2
dmIYTSuQD2VqtBeSPFuY73fYpsovTkJP9iCHx0/oDLAlN/R6sTM0kBDyLqycNHmfGCRYZqMXSLU=
x-amz-cf-id
NcpZfZY2J81q3l5grwf6P7u1IwLbkRiaP3UA78AyEB5wNgC0mv1n0A==
px.gif
ad-delivery.net/ 		43 B
944 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1500537
x-guploader-uploadid
ADPycdtnhTwvRwGtGVML3wuenGrjXOy9i4dsDVEI_viVMUVgGJBcBQHwkt2zqd57q7qIWdxB_Gj6s2N07Lz2rA756DuSZZspRAdn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7CWWoraQ8r8dX%2F8SNb4ivQUd3UXLOOa8ck52nCdjsQHU70IRrPFESp6wq43xoqYGoo9MPLAHSFlLFyVYqkd2mHFwrCIK5hzZ4IKiOW%2BbTX5fKiGC4VufWFTaO9BIpNoZ8KTH4Sy6BACPFfTWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
78685120df35bbd3-FRA
expires
Thu, 22 Dec 2022 14:26:31 GMT
app-data.json
www.file.io/page-data/ 		50 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 00:43:26 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
DSEXTMT87KX83QGC
x-amz-cf-pop
FRA56-P5
age
77783
x-cache
Hit from cloudfront
content-length
50
x-amz-id-2
+4LE117W5Ykt3s71SDQtIStdVyiOHIRbZBZPZY/zdsArKss6HykliHQpmzBb7trKsp8NIEQPQ1o=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"8560808e9c37804e4c72d09857f5dca0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
df2SEsRMx2tTqvD9LU-sjkAWVagTHL2i1KBYM8qxnif--LRcFeSYMg==
page-data.json
www.file.io/page-data/downloadStopGap/ 		208 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/downloadStopGap/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 05:21:23 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
33XHRA8GE1Q50PYS
x-amz-cf-pop
FRA56-P5
age
61107
x-cache
Hit from cloudfront
content-length
208
x-amz-id-2
TKJjjMWlfwQ+AgyYOq7eY3sFOO8EEKGM1JZCVBjmFayq+DSwyY8hoG3vKkbuQuazlAIAF4jGJTE=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"a2bc2e30a9725de62058caf12cd11a0e"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
c0aSrjFQdKwrohPmuSZdelu35KSag3xa5_kovzaJAuo-PxJMR3uNNQ==
cb1608f2-e216539eabbd5925fc79.js
www.file.io/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/cb1608f2-e216539eabbd5925fc79.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:18:57 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:40 GMT
server
AmazonS3
x-amz-request-id
0WT7MFXJ3R79JXE7
x-amz-cf-pop
FRA56-P5
etag
W/"67e460d9dbcf3a954ab115654390d3d7"
age
327653
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
LiqRSqmG23HjTLneZ2l4bqw32tGULmsmSfToJOASqAk729yA6TvR2g==
x-amz-id-2
aVcaOeDoX5t3N5ixnHetwDOeBqpUwn66A8+8hv/2nCizm3olW9loULnuUezliYx/GZsZ6DHA8PI=
a9a7754c-f1b5f9c5144f62adc766.js
www.file.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:04:32 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:37 GMT
server
AmazonS3
x-amz-request-id
GE5GW14RDBSKDVEV
x-amz-cf-pop
FRA56-P5
etag
W/"4ae04cdf11989fa265bb8cc9b598298f"
age
3186918
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
mIERB55LSemBzD1ydjrqWgn-6K7fmXHWEeX2gVcttO24xCtG-fGS7Q==
x-amz-id-2
Sw/hWzrQLxgk202T5AXrJ6Dg5fS/j+4S4Do2/VPuR8YHNelTVYK/NWkkoNd4SvIRGYlfbhi9Dc4=
381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
www.file.io/ 		117 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:56 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
4H9KR1HMDF26VTPX
x-amz-cf-pop
FRA56-P5
etag
W/"9c41c9970ebc8fe4c98c8f02b631cd07"
age
2756093
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
gPC_dwZlLDOGvmOmI6-BH3K-w-16aHUOYrq56i5NcGWhJPUu5XEl1w==
x-amz-id-2
rcbapc/1Vr2ds2JA/7axMuGwyNN7uQxIhs5ZYlMsTzUL7arwegqRpOcChIDDmVIgFpGExlyFOFo4NnT1hb6Vsg==
a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
www.file.io/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 01:06:49 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:37 GMT
server
AmazonS3
x-amz-request-id
F7298EQYHMQ3KDQ5
x-amz-cf-pop
FRA56-P5
etag
W/"2b921aab089ea83ec7bb825f970e0b68"
age
2495581
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
FnrglgVzjpvnhqSeL55SRdelt50RDZD7XemEhw0z6q9QCW1m0OJznw==
x-amz-id-2
DGDvEgQ+BQqKF91GAUziEHK4Cp8RzW8UIprjo8v6c3W5oM4WiIg4CM4i9QSxjkWsiftOxgtWlvU=
6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
www.file.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 01:06:03 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:36 GMT
server
AmazonS3
x-amz-request-id
WANRZX0ZSQR4JQAR
x-amz-cf-pop
FRA56-P5
etag
W/"02f76c7d444e6eab701d07bea36dfd50"
age
3359627
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
4bvTo-FBCgTe2T17T_nATAeBiYGbQ4pDBMIMjVuc3d7_w7l8v9Sgew==
x-amz-id-2
x9ZwpwDDaz963I0mVJRKfAQ//03/IQgbBlguR7MKO1VUp2be+2E3iTAK5dGImXumQv8phjRcCg0=
ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js
www.file.io/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 01:06:49 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
F727GBF2FMQ4YWDR
x-amz-cf-pop
FRA56-P5
etag
W/"83f8c9e26a69db93869cfcef32de2315"
age
2495581
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
X6z8CMPG1wZSgok2f_W3woo1xZe6vSKWcCoguNK7d6rsedbwPnlaBA==
x-amz-id-2
tQV8auO35yKoUa2rrUv8XbFxQl9MFdrhf7PEfoJ7oDcI8CJ5MszYTkfRItV/QWzf0dJZXs7Yky0=
e98b170d240584cc273f592e36a9137245db2ee9-601e8117f7a01666c5d8.js
www.file.io/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e98b170d240584cc273f592e36a9137245db2ee9-601e8117f7a01666c5d8.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d30d2c565bf5a7c183be7055573eb2fa29b73426b924f21018aef4f320eb7974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 00:21:53 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
Q0XRC5DJJQE7JYVC
x-amz-cf-pop
FRA56-P5
etag
W/"77557173bb9dcf452d03d3a95e38f07f"
age
2498277
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
mLSOXnmEx2b4VrC346cvohB7qlMXOvaUJSlfy1YpqFk616TuMWsLQw==
x-amz-id-2
yA/IHz4P8qMYXdCQh29Xnln+KZvccqmsZ174XQO1p5DbT2mJjyxxj5+xXgWAlO7Q5wAhaT0zy18=
03f9af1d91ffaa672a221f7c6442c75365c47a72-a407f503157eb9fc407a.js
www.file.io/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-a407f503157eb9fc407a.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ea4aac0ea23d8a2f161d7a2cdb85b1273fcc7e76f405a55a1e4fc6eb8faac0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 00:53:40 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
HXH69CKTVGBCGFVH
x-amz-cf-pop
FRA56-P5
etag
W/"a1a221271b899830c49bd8a1200b2f57"
age
2323570
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
s0v805VRyzE20lIDnHUV-pS-SAfU_3PtJo61yP53qnth09_ds1lXiQ==
x-amz-id-2
MudtF6CkuswDquBgnvgUxe3eJpEdrHgGC67kxOJaxo/0wQHcNP0jaj6Zmia6aYjEqlYEiE5795I=
component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
www.file.io/ 		484 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 05:44:36 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
Z95HE06PAWNSFTVR
x-amz-cf-pop
FRA56-P5
etag
"9525d851171232c1012a3a1b9795a681"
age
59714
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
484
x-amz-id-2
3oJXQwO8nl2ZuUtHsjfNKDUXRNMIW6OY5a3efOmo6oLFf9kX0pMhV9glHX2qL8lLYNGYCHTYVaE=
x-amz-cf-id
BKCqoBtTRxyPQWkBwNtvDN-_PodlM1nPeEjPE07KwUxOnSVsm-1R3w==
1655680770.json
www.file.io/page-data/sq/d/ 		447 B
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 01:14:48 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
TVTQ7NV9WM88RPMD
x-amz-cf-pop
FRA56-P5
age
75902
x-cache
Hit from cloudfront
content-length
447
x-amz-id-2
2APnUOo80qabFC06rjy6xOns1GbxM/7EbbJvFyFao4jPINeoT1GGY0ZbqWQyrZ0VCVq6dHxAnLg=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"c839c57483bd5d788408e7fc88e7cc8d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
FzjPENiiT4iSlThPHuXcY9ibAI3ERUcWQ0hKtGH1dufq5OxhKI7yQA==
1810866655.json
www.file.io/page-data/sq/d/ 		2 KB
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 01:35:56 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
x-amz-request-id
17XR5W4P417DHSG7
x-amz-cf-pop
FRA56-P5
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
age
74634
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
nBFQWm7uGLYD_KQ6_C4er3PxxwftFNXFWi2fp9_eQRIgCznNtSHjiA==
x-amz-id-2
0vsaPHkviSxFWaw+DhyAZVKxE+pq2z3jyGzXVz6qV6AsD/SH+tUAvt5w3BxgOkfGORz1uaZbvIk=
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9877.xWD9lG1YfgAxWH-UytP8AeS7ft0_o0c2FHdJDCZkr7uOL0TN2M_fGvX_42GhcjD1.EfoU0azVqm9NjLgasfhNnjHG0tc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9877.W32v64kH74yVzvOFiSgDEQO57EjRUdS-dGa6qLAy7yNQY-JjI0e9or6Ym1wwLkxVEH_uJxv4IjTHDWJFpOHBnzPsk9mAUz5DoGoAjNX7mBE%2C.GOFV5XTR3jBUUztD6xVsZCChw4w%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9877.W32v64kH74yVzvOFiSgDEQO57EjRUdS-dGa6qLAy7yNQY-JjI0e9or6Ym1wwLkxVEH_uJxv4IjTHDWJFpOHBnzPsk9mAUz5DoGoAjNX7mBE%2C.GOFV5XTR3jBUUztD6xVsZCChw4w%2C
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9877.W32v64kH74yVzvOFiSgDEQO57EjRUdS-dGa6qLAy7yNQY-JjI0e9or6Ym1wwLkxVEH_uJxv4IjTHDWJFpOHBnzPsk9mAUz5DoGoAjNX7mBE%2C.GOFV5XTR3jBUUztD6xVsZCChw4w%2C
date
Sun, 08 Jan 2023 22:19:49 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 08 Jan 2023 23:19:49 GMT
metadata
file.io/B6DsLalNndDE/ 		148 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://file.io/B6DsLalNndDE/metadata
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.246.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-246-142.compute-1.amazonaws.com
Software
/
Resource Hash
405f0df45165485cc091a4dc22cd21b419d57b2724ed46f3b874ced110fe5662

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
etag
W/"94-gnzvncuzIc6RPdTgrCkNUP3iWr0"
x-ratelimit-remaining
9
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
x-ratelimit-reset
2023-01-08T22:20:49.737Z
x-ratelimit-limit
1
access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
content-length
148
retry-after
60
static.min.js
cdn.exelator.com/build/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exelator.com/build/static.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

x-amz-version-id
13EhbDJXZCAdYoXnSII.9TQPnQd89SiV
content-encoding
gzip
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
date
Sun, 08 Jan 2023 01:32:54 GMT
last-modified
Mon, 05 Sep 2022 22:25:32 GMT
server
AmazonS3
x-amz-request-id
BDHDNT3EC4TQ3SFK
x-amz-cf-pop
FRA56-C1
etag
W/"a427037ef1482423da13ad8bf262d61a"
age
74833
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5qb1j6Oq23Yn7muAssPFU-cBKFzLQzFg-d8V-NwUjBmJ47Xrkb9C_Q==
x-amz-id-2
SYT/PvJpa1S2Tbf9EducQiC2/vlLNExxedJydF7BHsc0bpwwraD2r/DfYjVEz9FKHBgUD7foit8=
script.js
d1oykxszdrgjgl.cloudfront.net/ 		122 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ae00:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ab1a72b4a985ad8ef0916f4e0cdbff9f6513565ddf133c238ef989dac7f9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

x-amz-version-id
0nRNzQvghLCUCCfDkRgdO296OlfrsFMp
content-encoding
gzip
via
1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
date
Sun, 08 Jan 2023 22:11:52 GMT
last-modified
Fri, 06 Jan 2023 13:43:53 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
478
etag
W/"2f53fde7e6e276cf72b9ce5794a83360"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
pfmzY4mNwVE58blBWg8pJ1figlicPKABS1QOvPCiK6p4QXRhFWuL6A==
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1867643623&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&dp=%2Fy9ow%2Fdownload%2FB6DsLalNndDE&ul=en-us&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=337292162&gjid=1320347795&cid=807635971.1673216389&tid=UA-65658019-1&_gid=728590161.1673216389&_r=1&_slc=1&z=1291887352
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=807635971.1673216389&jid=337292162&gjid=1320347795&_gid=728590161.1673216389&_u=aEBAAEAAAAAAACAAI~&z=962426823
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 08 Jan 2023 22:19:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c98ec8fe9ba7a1d743089ff82c15d72a4f5b2942e6bd41ee9e67952fecb79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27701
x-xss-protection
0
server
sffe
etag
"1446 / 401 of 1000 / last-modified: 1673046381"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Jan 2023 22:19:49 GMT
1
mc.yandex.com/watch/90916604/
Redirect Chain
  • https://mc.yandex.com/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7...
  • https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D...
435 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1124%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1283852321386%3Ahid%3A27664885%3Az%3A0%3Ai%3A20230108221949%3Aet%3A1673216389%3Ac%3A1%3Arn%3A744124090%3Arqn%3A1%3Au%3A1673216389688071306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C17%2C447%2C626%2C%2C0%2C%2C3%2C0%2C%2C%2C%2C1109%3Aco%3A0%3Acpf%3A1%3Ans%3A1673216388103%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673216390%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
73d4bd9f3e11ebafa8b9a5b4ad05c84a8a92e2301dc6b7785592c8f80e63bcb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 08-Jan-2023 22:19:49 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Sun, 08-Jan-2023 22:19:49 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 08-Jan-2023 22:19:49 GMT
location
/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1124%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1283852321386%3Ahid%3A27664885%3Az%3A0%3Ai%3A20230108221949%3Aet%3A1673216389%3Ac%3A1%3Arn%3A744124090%3Arqn%3A1%3Au%3A1673216389688071306%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C17%2C447%2C626%2C%2C0%2C%2C3%2C0%2C%2C%2C%2C1109%3Aco%3A0%3Acpf%3A1%3Ans%3A1673216388103%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673216390%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 08-Jan-2023 22:19:49 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 08 Jan 2023 22:19:49 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:49 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1316917
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hCKneLicpv%2FPLAjZSww2GX9RBo5hYpZ38HUDVr%2FqVF7NTZNpNPAdSfrDlE6jZyA%2FKet9HsYI9292EE1ADFapNRN5ZqSRdTIOS9WHG9p4egLvzd4HRk4MgaJ%2BWMgKIfnm%2FU%2B91zcvJ%2BSxt0E"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78685123efb99b8f-FRA
prebid
ib.adnxs.com/ut/v3/ 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
59b1ac5c2ceda4e20be81085c76502f91d010241dc4d7a7195056091b5e14ea6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:49 GMT
AN-X-Request-Uuid
2d6d66ca-3d72-4d00-9402-21f5cc1f2f1d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9877.wnXuWTwLstYkflL0EYwFtVuAH7vFywUCO1e_Afdg1t2M_IBUKcyeJ9pWHXnH-nyu.qrlvsLBOWk8IpBk3UUmVOWwuRq8%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9877.GRvzOWOYWfCKOvzE_DCuryjfqcnvZ2wqQHFEBfjmPLnBL2rskeSZ-GJd5Yuw1gCkiz-Y2M6jQ-FvoYFqFyPoBpbsoiWGQO_IAL2IJIcB2Mo%2C.ZZ6LJVKvgH2mm5OVSZ...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9877.GRvzOWOYWfCKOvzE_DCuryjfqcnvZ2wqQHFEBfjmPLnBL2rskeSZ-GJd5Yuw1gCkiz-Y2M6jQ-FvoYFqFyPoBpbsoiWGQO_IAL2IJIcB2Mo%2C.ZZ6LJVKvgH2mm5OVSZATmYPw7cc%2C
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9877.GRvzOWOYWfCKOvzE_DCuryjfqcnvZ2wqQHFEBfjmPLnBL2rskeSZ-GJd5Yuw1gCkiz-Y2M6jQ-FvoYFqFyPoBpbsoiWGQO_IAL2IJIcB2Mo%2C.ZZ6LJVKvgH2mm5OVSZATmYPw7cc%2C
date
Sun, 08 Jan 2023 22:19:49 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pubads_impl_2023010406.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010406.js?cb=31071460
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a8a44cca820f9a7aa320974a3b8026218839c9829e86d4cff4eaa3b645a45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 23:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132776
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 18:33:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 23:21:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		199 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a850fb3e0e81fa07cb2a4f53063157759050ce78a88a8ce56dc8fb1ff116fe6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
x-xss-protection
0
expires
Sun, 08 Jan 2023 22:19:49 GMT
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:49 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
44V0SA1Y42KEB4E3
Age
1426253
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
+pq1lvrkHjoKj4hH9iBM94LvZjdhbwnhfhzQnEJaI3PAQJT5LdD71OEUJbMgnjw4Ga5dojmyyOQ=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIjIA0yQpMqLEqUnpFhFOF%2BJRlZWCEqerlYZ20iQ5IURaFrr39dHuH7425Fyus5mqrT90Z6qKeJAo1EKpbmYb%2Bg9%2Fc6Wc6yDPzYWbS6iZjnsnS1DsIXsdAMGAXnuNoh4d8GnYPsbkp4PzdBI"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
786851242e155b38-FRA
trinity.json
apex.go.sonobi.com/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22489a3933794255%22%3A%225c3986d1c2b45d45777d%7C970x250%2C970x90%2C300x250%2C728x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&s=4b483a77-d662-4c5a-85cc-50348f96c13b&pv=a24bd912-c608-4122-a1e2-b7cc0b7b18cb&vp=desktop&lib_name=prebid&lib_v=7.17.0&us=8&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
a463abc2c7038e529f7016a46075d19dd43474b3f4fa5cf00c2c422829b32948
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-20
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
639
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
46765852ce92bd45e5a190dcef398efcd9833c18eb51dfa5b87b6d8104e19bc2

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=%208a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5184df0d9b24807d5e6ad6f15d9295ccdecc44425e70e3ed0087d3f584543254

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ac5f937f4e780eeef3331ea8ec5714a01191d8719f82fc81551d393f0e955020

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
58036583115dcc1204a5f789df13aa0caa52b78c59babc3482f862574267aea4

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4a6a5825ba732b03fb7c6442d160e8dc58e548a0ddeb920aee35cceb6e19b4dc

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3467f40e63c6437cfa332c8e1a373937497f990240882bb38982e95132a67b8d

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c4f6ceb73904b1fbff681f4f6636a7e8440f436a1dd6c428428b0431a54b64a2

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9e5db31947ebff8c8fa554cf1296007e8ae36370faac506d2fd6f1db40706b8e

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
c5a8d1a618b46e19cbaa516a72471c7957149cbf5eb558aca666dbdc1bd6b950
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
translator
hbopenbid.pubmatic.com/ 		25 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5ae5389d8152f0bca655b4b46510e3813de22058bccef2eb79d13cab10a2b27c

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pb
ad.360yield.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7fff6da4e3109713aef26e8d366acca9e4a4fdb06a26351ad734a83b51026681
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:49 GMT
AN-X-Request-Uuid
4000c248-b83d-41a5-8f02-a9ae7daee6d9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
258
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
94e8e8faf9bae6fdcdb16b729acef0104b2e5d9c921d434488a49d4bc5927d02
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
content-encoding
gzip
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1673
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
app-data.json
www.file.io/page-data/ 		50 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 00:43:26 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
DSEXTMT87KX83QGC
x-amz-cf-pop
FRA56-P5
age
77783
x-cache
Hit from cloudfront
content-length
50
x-amz-id-2
+4LE117W5Ykt3s71SDQtIStdVyiOHIRbZBZPZY/zdsArKss6HykliHQpmzBb7trKsp8NIEQPQ1o=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"8560808e9c37804e4c72d09857f5dca0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
QV1pJoyBV6DV-pfi0leOfAXVDfYNVy5IezxOgdW7O0Nxc66f7uk4TQ==
page-data.json
www.file.io/page-data/error/ 		148 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/error/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
785224ce6a4947cca80b215623d42295f2c137cff714e238819c8e22c35a37d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 03:41:47 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
x-amz-request-id
34RYNCHRBX2C5038
x-amz-cf-pop
FRA56-P5
etag
"200d917382b174be7ed00b7a30ad3d68"
age
67083
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
148
x-amz-id-2
AbBROmRs01+mU8XzyzElGBd2yqA+Tdl8+syLZdZvA/yAuvDmX8EfiiO5oIGumGcMk4GENmhYynQ=
x-amz-cf-id
b1mPifPlRHt0qdElu2oFS2iBXnAmsRwQmwd6Ojs-8B4F6Hb60YSoxw==
spt
tg1.aniview.com/api/adserver/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=d40cd79bbaa4ea4c3bd7ba9e3dac8a12&AV_PLACEMENTID=6373750d98fb531abee85ae5
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f901804eeaa85f61e6475ae089b19edc9a0fb3b721de4f5b8db402dd2f61f72d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
6134
Expires
Sun, 08 Jan 2023 22:24:50 GMT
component---src-pages-error-js-7475cb6ca325fca20220.js
www.file.io/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-error-js-7475cb6ca325fca20220.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28094e188a2484c704e80f8445a56fb8f166ed671439d48fa6638b35a4fb6e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/y9ow/download/B6DsLalNndDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 00:51:25 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
5Y6X3RS05N4DH7MW
x-amz-cf-pop
FRA56-P5
etag
W/"f86922c0747fe43841f31d76478a15a0"
age
2323705
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
daIk7O8czzpXCNYZ7MaZ596q1AhTRolUFhwHPke6GbZrilTkMV2JXw==
x-amz-id-2
la7sLw0Uthx95fiwqFbfgshw174AtxOhfpVmFiqNgLoaRa+28d3nd+NOXq+uDc/44wAkltiBpMw=
c
prebid.a-mo.net/a/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225126a458b5103d1%22%3A%225c3986d1c2b45d45777d%7C160x600%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Ferror&s=8ff37e28-b9fc-4aa3-8490-ba8ff42464d5&pv=a24bd912-c608-4122-a1e2-b7cc0b7b18cb&vp=desktop&lib_name=prebid&lib_v=7.17.0&us=8&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f69f8a4977d80cb78465604b1e8e2bc251a2b700315fc88185ea8f2ca487c2ec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-79
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
637
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fe54f611fd8bb72b3671c7819de874e00887842fa13411a3d3c5ca12e2df99fc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:49 GMT
AN-X-Request-Uuid
0b409721-204a-475c-90eb-6a6b7ed0abd0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e272ea102a2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b49fc4be53267fd4964c63af23753a0ed9880144458d317a6457999ad086b0b2

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Ferror&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1001 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=562308737895755&correlator=564023710206936&eid=31071460&output=ldjh&gdfp_req=1&vrg=2023010406&ptt=17&impl=fifs&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=394511061&didk=996279706&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1673216389942&lmt=1669217203&dlt=1673216388585&idt=1325&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Ferror&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=807635971.1673216389&ga_sid=1673216390&ga_hid=1867643623&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7951cc3119f12678be6a87060a9711489490dc8b3a14c202af3f61fc592a4dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
502
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 060A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:50 GMT
expires
Mon, 08 Jan 2024 22:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023010406.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023010406.js?cb=31071460
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6ac622d38ff7386ff10f9d4fdf98898e1c1b08963329333177455579c8e0acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 23:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13848
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 18:33:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 23:21:37 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1867643623&t=pageview&_s=2&dl=https%3A%2F%2Fwww.file.io%2Fy9ow%2Fdownload%2FB6DsLalNndDE&dp=%2Ferror&ul=en-us&de=UTF-8&dt=Error%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=807635971.1673216389&tid=UA-65658019-1&_gid=728590161.1673216389&z=1344344284
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 03:42:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67013
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5fda1c945cc9d2d51b390cc0f12ed854ddd367d4490082ab9ebdb0064ab79f81
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:49 GMT
AN-X-Request-Uuid
9b097590-9e58-4d1b-9e5b-4d852f03d3d2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
get
feed.avplayer.com/backend/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=636a37af05e5617b262a5a52&AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy / PHP/8.1.12
Resource Hash
28d52e5f4399d21e5870c1aba17803b0648d22bebd5034282891f20e549f9f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-powered-by
PHP/8.1.12
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
20
content-length
751
expires
Sun, 08 Jan 2023 23:19:50 GMT
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f15 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu9yNrFeGkVvxxhaBoM19zdNgQwkSifRkze1KPxvzzBbXAo_phDn-H4egVZR798Fq1YXawiPRYwvsbhuU6bNNDsuyDP2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
61326
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
server
UploadServer
etag
"9dff0335699f04080269947f40c366ae"
vary
Accept-Encoding
x-goog-generation
1646327924579580
content-type
application/javascript
content-language
en
x-goog-hash
crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
cache-control
public, max-age=300
x-goog-stored-content-length
61326
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:24:50 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1673216390028&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=IntentIQ&d66=7&e=playerLoaded&cpid=636a37af05e5617b262a5a52&str=viewable
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
get
feed.avplayer.com/backend/ 		4 KB
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=636a37af05e5617b262a5a52&AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy / PHP/8.1.12
Resource Hash
28d52e5f4399d21e5870c1aba17803b0648d22bebd5034282891f20e549f9f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-powered-by
PHP/8.1.12
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
20
content-length
751
expires
Sun, 08 Jan 2023 23:19:50 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1673216390031&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=IntentIQ&d66=7&e=playerLoaded&cpid=636a37af05e5617b262a5a52&str=viewable
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e272ea102a2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0a9a4d1079d056e620a45666110f2250ad1325a9a54dcda074d51b964e30eec3

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
98749e5b6b8df4b09ee457f1a7d48d709e40be84fa45ded4f1cbcb0859f4a2f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:50 GMT
AN-X-Request-Uuid
143009cb-85c5-4b85-a35f-9dd832e6c3ca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Ferror&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:50 GMT
accept-ch
sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22129638eda5a28dfb%22%3A%225c3986d1c2b45d45777d%7C160x600%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Ferror&s=b4b57d5c-cf48-46de-8f49-b31bb0bd1317&pv=a24bd912-c608-4122-a1e2-b7cc0b7b18cb&vp=desktop&lib_name=prebid&lib_v=7.17.0&us=8&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
12caeebe79c2e98bb652bbb19175cdca24f33507d056b442614a5e2e2ef65677
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-18
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
638
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-23-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2Ferror
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
6ddaa277f2b802397fb1a8ec644eb8d771491f29fdc0e4f0d04a544dc8e8f321
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:50 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		29 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Ferror&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5e294119b0e22fffe6a7a75b2d193cd5839bdd1d21fd73e041dd9e8ef515de95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
9923
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
01ed26aad31409ebd76f923ccf34de21ad90a21a9ee73e3e3ed5dce764debfb7

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=%208a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
eb55814b5480b2e3473538bcc8b5fad2b3490e6c415f4408c100386be998d314

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
038e7a798a735ef7d9c944b2ca0ccc27dd406d6a03deba3ad68cfb2fb6f767f1

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
13a1e876bf6480dd55337e6a5b68920247d48c7d60309d43f77a16980f4498df

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
08fd1f3537ae07d0a24445ce6cfaa98400998c14e7a1a23465071d79af85d4ce

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a714a7e710cefcad42fcce67a08513eb8d19126a61d4ee10c3fb62a871b34fa8

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
43fddf95be99e5763c1635fc2f9484d287c189aeec55986ad39d5880df7fb8ee

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2ff53cb32ce4b8b958609f0e764f5097c5b5f964bca6c35a6afa21ad6ed51b67

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
trinity.json
apex.go.sonobi.com/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22986c119aa8cde6f%22%3A%225c3986d1c2b45d45777d%7C970x250%2C970x90%2C300x250%2C728x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Ferror&s=24d400da-db3d-45dc-8c3f-f7daedddee09&pv=a24bd912-c608-4122-a1e2-b7cc0b7b18cb&vp=desktop&lib_name=prebid&lib_v=7.17.0&us=8&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0650765f752c3ac52e57509c9b4fd97c2a1f00318a39ff656244877aba5b9bc8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-9
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
637
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b00de2b3705fb73910293f7ab518696f62a6dcde9b495e013579dae1de5bcd12
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:50 GMT
AN-X-Request-Uuid
7fc75b4c-78fd-4996-8d3e-dae76d2d4d51
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
container.html
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:50 GMT
expires
Mon, 08 Jan 2024 22:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		251 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
ctrack
track1.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=0&e=cpll&cb=1673216390344
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cpll&cb=1673216390374
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=632075b70fa709288815ba86&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 08 Jan 2023 22:19:50 GMT
X-GUploader-UploadID
ADPycdv_t9wCdLdBLBHAxHE5zUTBhxrnZh_J7v51J4snDWnur1Iq60fHbtWy3Xv6THd-rFMBfdSEqL5kSgcMGMVn7xGAkaOA-OCx
x-goog-storage-class
STANDARD
Content-Range
bytes 0-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
13496024
Last-Modified
Tue, 19 Apr 2022 15:55:06 GMT
Server
UploadServer
ETag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
Content-Type
video/mp4
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=2592000
X-HW
1673216390.dop135.fr8.t,1673216390.cds328.fr8.shn,1673216390.dop135.fr8.t,1673216390.cds292.fr8.c
x-goog-stored-content-length
13496024
Accept-Ranges
bytes
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=632075b70fa709288815ba86&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 08 Jan 2023 22:19:50 GMT
X-GUploader-UploadID
ADPycdv_t9wCdLdBLBHAxHE5zUTBhxrnZh_J7v51J4snDWnur1Iq60fHbtWy3Xv6THd-rFMBfdSEqL5kSgcMGMVn7xGAkaOA-OCx
x-goog-storage-class
STANDARD
Content-Range
bytes 0-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
13496024
Last-Modified
Tue, 19 Apr 2022 15:55:06 GMT
Server
UploadServer
ETag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
Content-Type
video/mp4
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=2592000
X-HW
1673216390.dop225.fr8.t,1673216390.cds098.fr8.shn,1673216390.dop225.fr8.t,1673216390.cds292.fr8.c
x-goog-stored-content-length
13496024
Accept-Ranges
bytes
AVmanager.js
player.aniview.com/script/6.1/ Frame 8BB2 		432 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9379d65f20e0e45715fbcd8aa0ecc4667224bca59a46d5b725579e861a56b441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtGS4uhI3E_2qgerqUGvL48JTE0HvWe4Dw0gOjgzdEF7fX09O4D8y1SbzK8IMedAgeMDpgrYDyKzBRBz0CsATgPwOUex0J0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
118439
last-modified
Tue, 03 Jan 2023 09:10:45 GMT
server
UploadServer
etag
"2e7713ef8ceb2519e96434505ca796dd"
vary
Accept-Encoding
x-goog-generation
1672737045117191
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=lxrlyQ==, md5=LncT74zrJRnpZDRQXKeW3Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
118439
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:29:50 GMT
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		92 KB
93 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=632075b70fa709288815ba86&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash
f6e71eeef1e40c63b69666f9d805758869d464935777c2e56ee6f90ee3b8b1fb

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Range
bytes=13402112-

Response headers

Date
Sun, 08 Jan 2023 22:19:50 GMT
X-GUploader-UploadID
ADPycdv_t9wCdLdBLBHAxHE5zUTBhxrnZh_J7v51J4snDWnur1Iq60fHbtWy3Xv6THd-rFMBfdSEqL5kSgcMGMVn7xGAkaOA-OCx
x-goog-storage-class
STANDARD
Content-Range
bytes 13402112-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
93912
Last-Modified
Tue, 19 Apr 2022 15:55:06 GMT
Server
UploadServer
ETag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
Content-Type
video/mp4
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=2592000
X-HW
1673216390.dop154.fr8.shc,1673216390.dop154.fr8.t,1673216390.cds292.fr8.c
x-goog-stored-content-length
13496024
Accept-Ranges
bytes
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		26 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=d40cd79bbaa4ea4c3bd7ba9e3dac8a12&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_VIDEOURL=https%3A%2F%2Fcontent1.avplayer.com%2F6006a32f94a1ea4fe84a39a6%2Fvideos%2F625edad12c2bbd0fa201f6f6%2F625edb3e2d0dea26100d8f63%2Fvideo.mp4%3FAV_TAGID&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Ferror&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&d36=6.2.71&responsive=1&sver=3&avtoken=390575&omv=1.0.1&AV_D65=IntentIQ&clsid=5ae1bdf6-a6ac-43c8-9bd3-5cc895906518&rando=85&AV_WIDTH=440&AV_HEIGHT=247&AV_DNT=0&cb=1673216390578&wfc=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.141.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-141-180.compute-1.amazonaws.com
Software
/
Resource Hash
a18f2d88d49d75b93dc5c82afcac0e9956d7782d558d8eb974763494824305d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 28 Dec 2022 08:33:10 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.file.io&sn=&ic=0&tgt=0&app=&wi=440&he=247&test=&d36=6.2.71&apppkg=&fv=1&proto=https&d65=IntentIQ&clsid=5ae1bdf6-a6ac-43c8-9bd3-5cc895906518&rando=85&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&e=inventory&vi=100&cb=1673216390577
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=632075b70fa709288815ba86&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Range
bytes=32768-

Response headers

Date
Sun, 08 Jan 2023 22:19:50 GMT
X-GUploader-UploadID
ADPycdv_t9wCdLdBLBHAxHE5zUTBhxrnZh_J7v51J4snDWnur1Iq60fHbtWy3Xv6THd-rFMBfdSEqL5kSgcMGMVn7xGAkaOA-OCx
x-goog-storage-class
STANDARD
Content-Range
bytes 32768-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
13463256
Last-Modified
Tue, 19 Apr 2022 15:55:06 GMT
Server
UploadServer
ETag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
Content-Type
video/mp4
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=2592000
X-HW
1673216390.dop154.fr8.shc,1673216390.dop154.fr8.t,1673216390.cds292.fr8.c
x-goog-stored-content-length
13496024
Accept-Ranges
bytes
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/svg+xml
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cply&cb=1673216390618
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=562308737895755&correlator=3513769783531186&eid=31071460&output=ldjh&gdfp_req=1&vrg=2023010406&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373734998fb531abee85aca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=2&adks=395328340&didk=1786973175&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D6373734998fb531abee85aca-1007%26hb_iv%3D1%26sv%3D1%26re_ve%3D4c63ce45-v7.17.0_fo%26pg_ld_id%3D08b5e099ca7c47d220d1284be5105e63%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373734998fb531abee85aca%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D160x600%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dccf08f086937fec6617c3318fe30ecc5%26st_ty%3Dvert%26bf_br%3D19300000%26af_im%3D19300000&eri=1&sc=1&cookie=ID%3Db5e2840fb85cbdef%3AT%3D1673216389%3AS%3DALNI_Ma5uX_fO4gjVgVbAvqCj8Qv5GvkWA&gpic=UID%3D00000b9fd994ff8a%3AT%3D1673216389%3ART%3D1673216389%3AS%3DALNI_MZHGwcrD7Vr4_bEaBu9JSojaP7rCQ&abxe=1&dt=1673216390715&lmt=1669217203&dlt=1673216388585&idt=1325&adxs=45&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Ferror&frm=20&vis=1&psz=160x270&msz=160x250&fws=4&ohw=160&ga_vid=807635971.1673216389&ga_sid=1673216390&ga_hid=1867643623&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25513f02ff709aa1896f50a040b3157489a1cc8d30913751dd9f41024a28092b
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTA6uSAufwCFXPsuwgdNoYKTw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15621291058250383360/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTA6uSAufwCFXPsuwgdNoYKTw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15621291058250383360/index.html
date
Sun, 08 Jan 2023 22:19:51 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29125
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=562308737895755&correlator=1104694498768808&eid=31071460&output=ldjh&gdfp_req=1&vrg=2023010406&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370d898fb531abee85aab&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C970x250&ifi=3&adks=3195751141&didk=1404112756&sfv=1-0-40&prev_scp=hb_pb%3D0.24%26hb_adid%3D637370d898fb531abee85aab-1004%26hb_iv%3D1%26sv%3D1%26re_ve%3D4c63ce45-v7.17.0_fo%26pg_ld_id%3D08b5e099ca7c47d220d1284be5105e63%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370d898fb531abee85aab%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dccf08f086937fec6617c3318fe30ecc5%26bf_br%3D19300000%26af_im%3D19300000&eri=1&sc=1&cookie=ID%3Db5e2840fb85cbdef%3AT%3D1673216389%3AS%3DALNI_Ma5uX_fO4gjVgVbAvqCj8Qv5GvkWA&gpic=UID%3D00000b9fd994ff8a%3AT%3D1673216389%3ART%3D1673216389%3AS%3DALNI_MZHGwcrD7Vr4_bEaBu9JSojaP7rCQ&abxe=1&dt=1673216390746&lmt=1669217203&dlt=1673216388585&idt=1325&adxs=436&adys=993&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Ferror&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=807635971.1673216389&ga_sid=1673216390&ga_hid=1867643623&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ed318fdec1c3de124404af6921ef8c820a3ffbba9756fd1900b80a8ccdf5c1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9596
x-xss-protection
0
google-lineitem-id
4753675178
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=562308737895755&correlator=26914153588716&eid=31071460&output=ldjh&gdfp_req=1&vrg=2023010406&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370bb889c301e8e7ad53d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C970x250&ifi=4&adks=1730059972&didk=632355593&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D637370bb889c301e8e7ad53d-1005%26hb_iv%3D1%26sv%3D1%26re_ve%3D4c63ce45-v7.17.0_fo%26pg_ld_id%3D08b5e099ca7c47d220d1284be5105e63%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370bb889c301e8e7ad53d%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dccf08f086937fec6617c3318fe30ecc5%26bf_br%3D19300000%26af_im%3D19300000&eri=1&sc=1&cookie=ID%3Db5e2840fb85cbdef%3AT%3D1673216389%3AS%3DALNI_Ma5uX_fO4gjVgVbAvqCj8Qv5GvkWA&gpic=UID%3D00000b9fd994ff8a%3AT%3D1673216389%3ART%3D1673216389%3AS%3DALNI_MZHGwcrD7Vr4_bEaBu9JSojaP7rCQ&abxe=1&dt=1673216390748&lmt=1669217203&dlt=1673216388585&idt=1325&adxs=436&adys=263&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Ferror&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=807635971.1673216389&ga_sid=1673216390&ga_hid=1867643623&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c594639f9b5d12f1761b7c5170b64435db1cca4af52e350b844771c5faa5ef71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12259
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
mydmp.exelator.com/on-site-tag-load/
Redirect Chain
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
7d51137511c645ae3650768d8e49f22612fb2563dbcdb172de8f6f836cc33b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin
https://www.file.io
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache
access-control-allow-credentials
true

Redirect headers

date
Sun, 08 Jan 2023 22:19:51 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
access-control-allow-origin
https://www.file.io
content-type
image/gif;charset=UTF-8
cache-control
no-cache
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010406&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a10b84babd06c1f4f61fcee6c4986f2bb073a1eb40ffa49a628cba323f229090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11178
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:19:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A849 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 21:57:04 GMT
expires
Mon, 08 Jan 2024 21:57:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9DE4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
632c03898b7bb1e76b161befb7c87a918b5b708fb63faf8c0960cdbad9c9b8f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SzhXX8iaexinsVi3fBo8Qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-SzhXX8iaexinsVi3fBo8Qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:51 GMT
expires
Sun, 08 Jan 2023 22:19:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 9DE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010406&jk=562308737895755&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame A849 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 20:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 20:21:27 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 04D0
Redirect Chain
  • https://csync.loopme.me/?pubid=&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D56%26pid%3D5f2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=56&pid=5f2063121d82c82557194737&key=9f62bbb6-25eb-4850-b475-0c03c7f32965&gdpr_consent=null&g...
524 B
595 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=56&pid=5f2063121d82c82557194737&key=9f62bbb6-25eb-4850-b475-0c03c7f32965&gdpr_consent=null&gdpr=1
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.150.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-150-187.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
524
content-type
text/html
date
Sun, 08 Jan 2023 22:19:51 GMT
server
awselb/2.0

Redirect headers

content-length
0
date
Sun, 08 Jan 2023 22:19:51 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=56&pid=5f2063121d82c82557194737&key=9f62bbb6-25eb-4850-b475-0c03c7f32965&gdpr_consent=null&gdpr=1
server
_
sync
ssbsync.smartadserver.com/api/ Frame B938 		0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 08 Jan 2023 22:19:50 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 5FDA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1b971479da7698b4c2da3070e7b73d&_fw_gdpr=1&_fw_gdpr_consent=
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1b971479da7698b4c2da3070e7b73d&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.150.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-150-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 08 Jan 2023 22:19:51 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Jan 2023 22:19:51 GMT
Expires
Sun, 08 Jan 2023 22:19:51 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1b971479da7698b4c2da3070e7b73d&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1673216391089050-535
auto-user-sync
ads.stickyadstv.com/ Frame D06C 		43 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 08 Jan 2023 22:19:51 GMT
Expires
Sun, 08 Jan 2023 22:19:51 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1673216391128010-505
cookiesyncendpoint
sync.aniview.com/ Frame C85B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=200&key=OPTOUT
0
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=200&key=OPTOUT
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.150.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-150-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 08 Jan 2023 22:19:51 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 08 Jan 2023 22:19:51 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=200&key=OPTOUT
pragma
no-cache
services
sync.technoratimedia.com/ Frame A69C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1673216390902-930099590237-006468-011-008621&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.file.io/
age
0
date
Sun, 08 Jan 2023 22:19:51 GMT
server
nginx
via
1.1 varnish
x-varnish
436438435
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 33E9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D1%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112685
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:51 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 3F68 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D18%26key%3D%24UID
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 08 Jan 2023 22:19:51 GMT
X-Sovrn-Pod
ad_ap4ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame DB94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sun, 08 Jan 2023 22:19:51 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame 18E0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 08 Jan 2023 22:19:51 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 08 Jan 2023 22:19:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cm
u.openx.net/w/1.0/ Frame 210D 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D23%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Sun, 08 Jan 2023 22:19:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
t.adx.opera.com/pub/ Frame 8F91 		0
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 08 Jan 2023 22:19:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Tengine
/
onetag-sys.com/usync/ Frame A464 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame D51E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=10&pid=59c9148628a0612da3689288&key=8FReHXdeqNis&ev=1&us_privacy=1---&pid=562704
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=10&pid=59c9148628a0612da3689288&key=8FReHXdeqNis&ev=1&us_privacy=1---&pid=562704
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.150.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-150-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 08 Jan 2023 22:19:51 GMT

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-6449ff7c76-nfghl
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=10&pid=59c9148628a0612da3689288&key=8FReHXdeqNis&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 8BB2 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtBe_d48R1Y2XTkNLM4LTDDq88xEOmpnIeN9zxAjDcG1k7DLDODTaeo7ndH20HnBb7jlhc-HY5XYsq-gqgKYlXWLl8TDTQG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55924
last-modified
Tue, 03 Jan 2023 09:10:45 GMT
server
UploadServer
etag
"547e678c14c4d2f8f6c1d44afde836d1"
vary
Accept-Encoding
x-goog-generation
1672737045628929
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JLi8tg==, md5=VH5njBTE0vj2wdRK/eg20Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
55924
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:29:51 GMT
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 8BB2 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e0b10948c8f8424409e72354023bb956d7a6d000840271dae5bcc642c73906d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsE3J037eyv61EzaAP2fTjw9Mc0XbGxTRdbazXRA1SXQZEpv3hsXbWULdshZd15VEnLSHc-IHxI0xlJpop9rgbpVA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23859
last-modified
Tue, 03 Jan 2023 09:10:45 GMT
server
UploadServer
etag
"3b39515b721da0b140fe812efcc81428"
vary
Accept-Encoding
x-goog-generation
1672737045746365
x-goog-hash
crc32c=8r3ZYw==, md5=OzlRW3IdoLFA/oEu/MgUKA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23859
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 08 Jan 2023 22:29:51 GMT
avpb7.12.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 8BB2 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a2.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e18cb430d37779613b30d164a96b6f76a1a2d58887a732f1fd7df440805cf2ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvZhYmNI3OSe-ezJQTkKhVf6xe3lJ_A01sZTCQrXN5qkEsZBdSoM5_Pr0H1ChEwcVxMvlzSARE2N7yMDKugFRKHqKfW2LRh
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20344
last-modified
Tue, 03 Jan 2023 09:10:45 GMT
server
UploadServer
etag
"a61893a4b670f058903537fb500846fe"
vary
Accept-Encoding
x-goog-generation
1672737045793611
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Xi64Lw==, md5=phiTpLZw8FiQNTf7UAhG/g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
20344
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:29:51 GMT
avpb7.12.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 8BB2 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a4.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b2e12a86226fc0e27317e478f99340cab7a74240dd75db4535bc2cee8029f036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdugmsb1YOwyFkj6gPJH9rSVJ5mPURb09qEoOkp0kVE1llCQXSWGZOCifjcgsNvwOVwiQWmd3mFMFXXqtkXI4GqG5szZ8ypZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21089
last-modified
Tue, 03 Jan 2023 09:10:45 GMT
server
UploadServer
etag
"002dbb6f7aed1048cc491707ac3a6511"
vary
Accept-Encoding
x-goog-generation
1672737045823096
x-goog-hash
crc32c=KgNuBw==, md5=AC27b3rtEEjMSRcHrDplEQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21089
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 08 Jan 2023 22:29:51 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.1375&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=3216391068
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
45ee5308145d13cc0880c3adb8beda01496af15b80e2a956caf1e94980908aab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
683 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.244.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-244-55.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1673216390902-930099590237-006468-011-008621&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.228.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-228-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.228.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-228-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=46651&t=1673216390&cip=138.199.38.133&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=fa4f9e35d536fe43d1f37e489584aa17&d63=fa4f9e35d536fe43d1f37e489584aa17&aafaid=&proto=https&uid=1673216390902-930099590237-006468-011-008621&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.71&cb=25994494405&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.38.133&cd18=50.11880&cd17=8.68430&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1673216391070&asid=637b7eaa93283f4fba7e40c8%2C5ff6ed8d06e9773265718a49%2C633ae81e14ba3a033d3a0fd6%2C60215b2a3cfdb257402901c4%2C5ff48b20d0a41e5853490d69%2C5ff87336239c6c7fd600e1b5%2C5ff5868b4c1613054b3b5ee4%2C5ffffc9e712b1564036ba7e2%2C61af25280e1fa51ae52bd659&ofpr=%2C0.49%2C%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49%2C2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=46651&t=1673216390&cip=138.199.38.133&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=fa4f9e35d536fe43d1f37e489584aa17&d63=fa4f9e35d536fe43d1f37e489584aa17&aafaid=&proto=https&uid=1673216390902-930099590237-006468-011-008621&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.71&cb=25994494405&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.38.133&cd18=50.11880&cd17=8.68430&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1673216391070&asid=63a1c97d9fc0bb7a1703e25c%2C6245a97f138a392b6f34aeb8&ofpr=2.1375%2C&fpo=%2C&ri=1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
log
onsite-tag-logs.apps.nielsen.com/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://onsite-tag-logs.apps.nielsen.com/log
Requested by
Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.176.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-176-118.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
server
nginx/1.16.1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
sync
sync.teads.tv/ex/ 		2 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/ex/sync?gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

expires
Sun, 08 Jan 2023 22:19:51 GMT
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
2
content-type
text/plain; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=exelate&;ttd_tpi=1&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
load.exelator.com/load/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MjBjYzQ1MTllMjUyYjJhY2Y3MzlhNjY5ZjQ0NTEzOTk&&google_redir=https://load.exelator.com/load/?p=204&g=109
  • https://load.exelator.com/load/?p=204&g=109
134 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load.exelator.com/load/?p=204&g=109
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-type
application/x-javascript;charset=UTF-8
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://load.exelator.com/load/?p=204&g=109
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0
  • https://loadm.exelator.com/load/?p=204&g=013&bi=4709937452655253906&j=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=013&bi=4709937452655253906&j=0
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

Date
Sun, 08 Jan 2023 22:19:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bc78ee76-359a-4e9c-b00e-409fb364e565
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://loadm.exelator.com/load/?p=204&g=013&bi=4709937452655253906&j=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsct
analytics.twitter.com/i/ 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=20cc4519e252b2acf739a669f4451399&p_id=28539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

x-response-time
114
date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f6f7d3d8d911949c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ecaeefda9f3630179f2e40572cf13a42e2e0c80155c49312bf439a62fc56c15c
content-length
43
container.html
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:50 GMT
expires
Mon, 08 Jan 2024 22:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 33E9 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93449452&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-length
0
container.html
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FB9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:50 GMT
expires
Mon, 08 Jan 2024 22:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 18E0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d7e26a4f0302e318a7f962a0a660746f0828d94fdfa9c5b848e8a498d1e0b9a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 08 Jan 2023 05:16:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24932
Connection
keep-alive
Content-Length
10066
Expires
Mon, 09 Jan 2023 05:15:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0C6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7EOGsM7k1wVRFLTQXoaoq5HBo7VdUFvChZaBfHrAI3ov9edkTggkv5PVQ0VENsIUDSt22HcztQ6IMA0Ot2jt0SQ4s89xQd0wVRKLCGxoFwXlMXTGZ3WTmDPj4L0zxwlYQtCjdZwHDLrzC03wLSINtH4N_oWvTK8Ocgy0mrZ5wj5DtdKRuq--A2zHFcbGvJvnQ1cYLU4JegC7xkhSbLFA6FlHUet1LCGR_SIzn86PnlN5HEwNsGDBqDh1yv6yRyQ3pxW37s6PD9TsRUrpwyKZRB3P81RVJ43q85KO-wYAUqRTk0ChAtYafuIw3fqW9x7PMvNg--N-IaNAslrjru0U5y32x5E028Z_Lrb_ZgIwNwhdp80XJRv6j5MYB5DY&sai=AMfl-YQqqUpWxRuwms4-X2yh6t1qTgDO6nYGK8q8iekkxELwPQdKKFjeKY0cGZWm-qZhZAcO56tBWxDI-o88rkj7hSqFoTBPP7PtpW1erfNTaQuAZ6YBlFk7Ea8ih5vEV_2Fmw&sig=Cg0ArKJSzOuuspHRDntHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C6C 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:19:51 GMT
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame 6F64 		170 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2702291
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
DRe0wLMRRAuiTnx8uuDibUKpc9Q_87ch1lxnXxnZMjrZvBv9zspe-Q==
notify
tlx.3lift.com/header/ Frame 6F64 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=${AUCTION_PRICE}&ts=1673216390&aid=27973226161691471493230&ec=7963_149752_59848&n=GoQJaHR0cDovL2V1LnNwb3J0cmFkYXJzZXJ2aW5nLmNvbS9ub3RpZnkvbFQ3cUtoSU9WbTkxSTFZSzI1enQ4MllLUDZjZWg0UDBxLWhFa1BlNy1RZ2RCOXVJMUtEWnRFbDRuWFpSMVB3YkVpWWl5TzFuYjdTZHpVampyS3VwVk53MEZRbnRNUDZTdUJyNmRRczVEZGhneWRsc1lzRnNyWkw0bVBwVThqWlFUbVRrNFpHVk1rdjZBaG5kbGpiVkNPYlkza1BpXzM3RWhlYVZDdmR4VXdwT3BWSjk1NGxDbm9zQ21YVjlzU1NYN0JYZnVqTlJORzN6S05yYmZwd1lQY2Y3RmZUM2ZuN3ZvcHNqRmZib1Y1WGE5bjZHWUExZU1uMkVxVllHNHZraVZqUy16VXl4THFkM2pMaWJVWkhaeDlfNW5yUVRlM3lsYThjX3JVY0s0c1pwcWRrajI4NjRhTVJyeW1pRG44bC1yR1cxMWNKYXNYTWVwUi1xZGhPRjZLT1M5ZmtEQWxEV3VkZ1A5bnlHZnRIRWdISVJHYV95OXJ0VTN5bFp0RUNXeFBtQlgxblNmSDYtNXV2UmdUYnhQdkpMNGdUT01vS2ZFM0xPRFlqa2ZEUVg3Y1NLTjBRdGJzRG4yMlpsc1hlOFc0RmJhYTFNZGl5OFJuMTJURGs1YzFaeEtTQWtJZFAzZUx5RDZ4a0dHSmEwd2loc0hJMk55SGl6NkFSbV9iVEstamF4a1FXcFVBMVFGMnRUZlFiMXFUaDF3OTBtN2JQb19rbDltYUk1UWFNWDdhTkl0NDVLSUZxM3BOOGtWVWs2UkcyWVBkWUx1VldBTThjZGxMUE1HNmpmMXFtWWphbDNjNzdFcWU1clo2TDVtczFHMElPUUN6d0EzVjBtVzM1b191Ql9leEY5OGhMN1hxeTAzWFhBWV9FQ2tvM3RXWVBZbFV3UWlER2Uzc0tvT245b01Qa2dSZFY2RktPSFNiWXNKZUhNalBTdzVnczZrb0VFalhjTldRV2FSVGR5eWhPellNbDUwdjdPQ0lzcGJUQ3RzcVNVR2Y3QWRfdFlPRjloUnZUaUFqc29KVW9WTXZIRHVYZmlxcmY4R1g4dzVvclI5cTBCVHVMT05rUkJGMjFaem5xcEhCWFZLNkZnVmZqSS1WNFlyak5vODNzc0JHVElObzFNNjRoNkdsc3Q5cGRaN0ZIbG5MS19YY2p0MU5oN2RINVVXUHo0TjRTRmZvSGFiZC1zSk5ndDNLQXhEZ1VkOWNKc3ZGOGsyTEJMckhvZnJmSVkwRTJDUU9wbnQzbmg4NEk4MDhYY3VLNm5NUzc1cmFTTkZCWlZtWG5nNGFpeEtSdUcxVVNEUTdueFh6ZFE0b3FSV0VtU2p0bTdyRTBxMWFfU2RDQ0g1UGZ0ektnZFZBUDBwYXByd3BjRGNBd0NVOHNSaWpudFFqdGZGQ1FJSU9VWjFHemVRS3FOb3VTQUhubW41VFFVdEZNN2Zob0FQdDhXR0p0UGw4Y1EtaTRHOFVScHFRLzAuMjc1L%2FICwQEIABIXMjc5NzMyMjYxNjE2OTE0NzE0OTMyMzAYACABKJs%2BMPiRCUABSABQAGAKaABw6r8ikAEAmAEAqAEAuAEFwAHvAcgBkwLwAdcB%2BAGTAoAC7wGRAgAAAAAAAPA%2FmQKkcD0K16PAP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Avo4gAPKB4gD%2BgGQAwCYAwCgAwC4A7ShJ8gDANIDBTU5ODQ44AP0ycYj6QMAAAAAAAAAAPADkwL5AwAAAAAAAAAA%2BAIMiAMAkgMEM295N5gDAKADpP0JqAMA
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 6F64 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=27973226161691471493230
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame FAAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5AcphkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSSAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMB-NL4XOzQ3x5cKwQ_-wnIiuLv5NZrT5WxmT5DxoDrf7JzrYggSUHgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU3ODE1MzEyMDc1MDkyMzIY57Zt&sigh=3sTay1cHczA&uach_m=[UACH]&cid=CAQSPADq26N9U-ZqWpy9D8T5wQeyUl7TR7Anw7ZCwMSgkAIW0qVVe0bsVSIgb3sBAEznMdGm71dklFf1TeceVBgBIBM
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame FAAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kODuEvXJVcoH-gGdg2ICAgAAAIqFfbLnKgfkEIZBu2MjvdFrmTCnZspkRQASAAA&wp=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
225557
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame B043 		176 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e4e159f37b9cc419bc03067a03a9be0aa005df6aecb85414f0d9fde1b438946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jWmZUYbGWi0HUvyNQhnejpkGwvb5KqYh3eaCpydx5oMZ-S5Hzt7zs3-1xnBmpCAREEayiRX3V_d-vb7TdyMXAwhaZdQyg-8KOxPATqjERutm0CzQofS04I_-lfI-KupSM5e3t4xWZnxtiCleBU7nda0-Mct82Pba9JVSL-uY1GWyBf_rxyLtaPxzqwoE20kWPsoHk3vasOWQ5gvaEtoBKYOFMdz4On7tz2SRHeJ2Yq2TP157bAlgsLnHoPDNYcqqv68U-w"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
107180141
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame FAAD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 19:33:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
9964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 19:33:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3ECF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26161
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 15:03:50 GMT
etag
48472445140208031
expires
Mon, 09 Jan 2023 15:03:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame FAAD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 02:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
72200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 02:16:31 GMT
l
www.google.com/ads/measurement/ Frame FAAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqtsCoaREQuczH-m3kWvfkrJqWl01Vgs8kvuFcKbkHBbxw6cWm1Iyn7ewowgFpmcfjXF1XuTcqvEO8oDYJGerev3-ZSQ
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FAAD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
309575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 05 Jan 2024 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAAD 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:19:51 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1673216391378&pKey=-148751389&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.file.io%2Ferror&playerSize=440x247
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:51 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1673216391335062-518
Expires
Sun, 08 Jan 2023 22:19:51 GMT
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=72445360044&lsavail=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
307068
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/307068?src_sys=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 08 Jan 2023 22:19:51 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004967
X-SpotX-Timing-Transform
0.000320
X-SpotX-Timing-SpotMarket
0.004967
X-SpotX-Timing-Page-Require
0.000404
X-fe
115
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.004283
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.011416
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000369
Last-Modified
Sun, 08 Jan 2023 22:19:51 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.file.io
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.001035
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 08 Jan 2023 22:19:51 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.file.io
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
track_enc
track.venatusmedia.com/dual/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.247.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-247-181.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 9311 		1 MB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f11eba7f0f5d650cf1b17accd01feca8f5a7d7fad633f793f5360d65e03ed9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
235186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
72569
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 05:00:05 GMT
expires
Sat, 06 Jan 2024 05:00:05 GMT
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8FB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_g6dhkG7Y9TlLvPY7_UPtoyq-ASsotyGbpa48tzgEJ27v6rSFxABIIOb02lgldKegrAHoAHUo4fcAsgBCakCPJNFBMrbsT7gAgCoAwHIAwKqBPMBT9AiiW6ELFkqpGBJYmkhpiGyqvHx_1CqS_x4_dWVw8oTu20lOT1A64Ye4sPC6qK8WU2tJEv6m47ECG7FEmkxw_Rtns61MFNHoBSan0Ruq_w-cGbNR_tHp_2_GG27d40aaYEp-YpzOkRWlmRSzrJBri-17zYYbexzytSNSY-StfsRvXA5uptW-VaYDPK42kyjzWqROiPu8c8Z1Non6a-Xt3I_4uPCYHKmKxEqYeXaQFRG9AwONS33rD3jQYN1O3f0m4gmTr2HCtnNgjSTP7aAPgTdQtQ4aiKj-F5pAaIxBawu1WP0Pts0uTbzdoEOilM2OD1mwAS3hOuUnATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAHlNz4owGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDj7gbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=Y4LBF7Kc8ho&uach_m=[UACH]&cid=CAQSPADq26N9YxOzbrPAB1ZDaPEih4NRjBh8gpPEWhIdkomxE4dBl-3ZjSpzyCD70DE_vZyriejJ2LFT9ZNlgxgBIBM
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame BECB 		143 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 21:45:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 8FB9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 19:33:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
9964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 19:33:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 8FB9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 02:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
72200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 02:16:31 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 18E0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LCNXU68Y-14-JTJN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
view
securepubads.g.doubleclick.net/pcs/ Frame 0C6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPh8kiQ5ABUfP7zpnpwQqdNHPvS8g4MhoUQdg5b5UXlc4Clg3n9ktrWDS_-IBJPpCUhU7obvJ1hH9CRadTdsAtvwLKTV_t4ilVi15iNwLG_b3rkblUvzUm6djGcafK6e7SOdDljYmNmoxEEF5jdUSvM-4wnVrlgVMR0eldj7O8J7g2STAnuOxDkqwUtj0HBCsVVPu1XhEh3Li7Orje-IEhvphqM45mJkGbqbvz0Ll2IAuCyygbLsNdHhc_GKQDOeSwFex_tNcbPXjIPmD0UR5i5mt-CBk4nVSof1ZLfY4SKW4lxyfj2eyNPX5LzojCXhi3_4yigef5Xcm-nvl_1HXQ6gj4MxJwwKox8rqEDhmm4RSkfAmhoHejNew4x9yzXw&sai=AMfl-YQ7SPCusxz2XPVqpZVCTOLbe56j7T7ccX6xpMKKbPJWqrTOZfabhRowK0ONJB76oUGrZH4HiuulvczyyW0DO5twGYTbMjkR5PZBGMSn-GxD3bkUeWm2a_FVPuIopMN2oA&sig=Cg0ArKJSzFQjtsgUkKVGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 08 Jan 2023 22:19:51 GMT
dpixel
cms.quantserve.com/ Frame 3ECF 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF82wL6xcbQYFw9vPP_zhbA&google_cver=1&google_push=AavPq0PrkYscDnC0gXZqe2T5-yYC2Rl1dFGRiZzKqn1Gn9tZrmeChb93_I3PqkXxVtg83VPqh6dEsUX5HGgzChVptvK6DgyWuuXe
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 3ECF 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPm51n3X3n1DbGVSE2KaTfw&google_cver=1&google_push=AavPq0O1J3P7O6iqWP5v0_MR6LoG4ncMyV0HWO9TraUWr480SFr_U_BHlUB2i44BlD8l5nxOkgJr73yin6AlyH91sMJH8vdvF15a
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 3ECF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHUDMdJ7CZ7Ve7QAtyvBwfI&google_cver=1&google_push=AavPq0OEIEpseeMfzOmZ94qoX3gmXLV66gfc2cvkiN-Zf89iqK23jgfQXbfvc8EhMmxyMK_EVRXbFgQNIxL2oKxg...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OEIEpseeMfzOmZ94qoX3gmXLV66gfc2cvkiN-Zf89iqK23jgfQXbfvc8EhMmxyMK_EVRXbFgQNIxL2oKxg8xmvbNXe4xY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OEIEpseeMfzOmZ94qoX3gmXLV66gfc2cvkiN-Zf89iqK23jgfQXbfvc8EhMmxyMK_EVRXbFgQNIxL2oKxg8xmvbNXe4xY
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 08 Jan 2023 22:19:51 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0OEIEpseeMfzOmZ94qoX3gmXLV66gfc2cvkiN-Zf89iqK23jgfQXbfvc8EhMmxyMK_EVRXbFgQNIxL2oKxg8xmvbNXe4xY
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 08 Jan 2023 22:19:50 GMT
i.match
s.tribalfusion.com/z/ Frame 3ECF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGoGieYbGRieBGPKPSHJsbc&google_cver=1&google_push=AavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoGieYbGRieBGPKPSHJsbc&google_cver=1&google_push=AavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8W...
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoGieYbGRieBGPKPSHJsbc&google_cver=1&google_push=AavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78685130fc37690f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
85
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGoGieYbGRieBGPKPSHJsbc&google_cver=1&google_push=AavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0POj5iOVZu2YXE25THUtkp_uBSOHXeSOmXiRy7HRipcMAKGaHzM3-A-ZnSk9OE9cw1rRK0wB4JnyuINUcNoau2IPI4Vx8Wf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7868512f6a60690f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3ECF
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEO9fkx6cLDJYA9dMBKweBC8&google_cver=1&google_push=AavPq0NKlk6IqzrK-ugTPSFAqcLa-56lPT4AxBBR0ltOivIl4KTTw9dfZV_w96KGS3kHo05HlN73_PGb8z-72Ykx25ipCYmxZAqy
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bl95aHVaZlNBMjZrNG15TWlFRzdZdw%3D%3D&google_push=AavPq0NKlk6IqzrK-ugTPSFAqcLa-56lPT4AxBBR0ltOivIl4KTTw9dfZV_w96KGS3kHo05HlN73_PGb8z-72...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bl95aHVaZlNBMjZrNG15TWlFRzdZdw%3D%3D&google_push=AavPq0NKlk6IqzrK-ugTPSFAqcLa-56lPT4AxBBR0ltOivIl4KTTw9dfZV_w96KGS3kHo05HlN73_PGb8z-72Ykx25ipCYmxZAqy
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bl95aHVaZlNBMjZrNG15TWlFRzdZdw%3D%3D&google_push=AavPq0NKlk6IqzrK-ugTPSFAqcLa-56lPT4AxBBR0ltOivIl4KTTw9dfZV_w96KGS3kHo05HlN73_PGb8z-72Ykx25ipCYmxZAqy
date
Sun, 08 Jan 2023 22:19:52 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sync
dsp.adkernel.com/ Frame 3ECF 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEB47deOJxjmYaqt7cD-V5Z8&google_cver=1&google_push=AavPq0PqrYvray1DkrY9qjwmcwuQYCnCyWw78oVgn7sjb_qzl4uMAcgnlqxvRRgCVrMyXyOmDa6Kas0NTVfup4ztImEGunevtZ1Q
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:51 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
um
cs.emxdgt.com/ Frame 3ECF 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEK1dW8OcdPTAsWmIQ42VumI&google_cver=1&google_push=AavPq0Md8ilPV3KLQ0tjnLccV5kCjBf3LSSnfQjm_BDcpOjzCIXqaJCkQDPxKZ-_q3c_cRTqQ55T638xs6QI2JocIEABzpSIt8qkFQ
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 3ECF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ia_xksZNb-XJJv0OSJJ0moq6J3tTW_PGNGgFyO7MxHLV2ZIoQFUu0QGrx11dimPsOf154QSA
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=venatusmedia_RON_970x250&aid=27973226161691471493230&rev=2369ca4&pr=un&bc=0.275&bmid=7963&biid=7290&sid=149752&brid=565226&adid=59848&crid=74556660&ts=1673216390&bcud=275&ss=12&caid=0&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252Ferror&rr=creative&fid=10&rb=0&g=0&cb=75550
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame A386 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 6F64 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 08:16:08 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
569024
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
D1PGB0PqREMAjNFiScrLszfY41T6vQCUGTvJBYofNiR5ooEg5-7ALA==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 6F64 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 07:09:55 GMT
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
572997
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
hcXDd1pmWwIrRZTB-rQ2YRdca9IvCPBwWwfreTpyknf4AcLpbVvkUw==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=venatusmedia_RON_970x250&aid=27973226161691471493230&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=98025
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=venatusmedia_RON_970x250&aid=27973226161691471493230&rev=2369ca4&pr=un&bc=0.275&bmid=7963&biid=7290&sid=149752&brid=565226&adid=59848&crid=74556660&ts=1673216390&bcud=275&ss=12&caid=0&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252Ferror&rr=creative&fid=10&rb=0&g=0&cb=75089
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
970x250.gif
creatives.sportradarserving.com/b98f1ab2-f5e3-4ac1-a78c-7252e503f599/ Frame F9CD 		316 KB
317 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sportradarserving.com/b98f1ab2-f5e3-4ac1-a78c-7252e503f599/970x250.gif
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4bb Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
153138da6d28e58de2cbd7b1f60fe758aa83ab73100a9ec6622448f5a48c03b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
last-modified
Thu, 13 Oct 2022 15:31:21 GMT
server
AkamaiNetStorage
etag
"f4e4baf4eac52bc71b79e0c983caa31c:1665675081.572114"
content-type
image/gif
cache-control
max-age=600
accept-ranges
bytes
content-length
323234
expires
Sun, 08 Jan 2023 22:29:51 GMT
lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfu...
eu.sportradarserving.com/mimp/ Frame F9CD 		43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/mimp/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfujNRNG3zKNrbfpwYPcf7FfT3fn7vopsjFfboV5Xa9n6GYA1eMn2EqVYG4vkiVjS-zUyxLqd3jLibUZHZx9_5nrQTe3yla8c_rUcK4sZpqdkj2864aMRrymiDn8l-rGW11cJasXMepR-qdhOF6KOS9fkDAlDWudgP9nyGftHEgHIRGa_y9rtU3ylZtECWxPmBX1nSfH6-5uvRgTbxPvJL4gTOMoKfE3LODYjkfDQX7cSKN0QtbsDn22ZlsXe8W4Fbaa1Mdiy8Rn12TDk5c1ZxKSAkIdP3eLyD6xkGGJa0wihsHI2NyHiz6ARm_bTK-jaxkQWpUA1QF2tTfQb1qTh1w90m7bPo_kl9maI5QaMX7aNIt45KIFq3pN8kVUk6RG2YPdYLuVWAM8cdlLPMG6jf1qmYjal3c77Eqe5rZ6L5ms1G0IOQCzwA3V0mW35o_uB_exF98hL7Xqy03XXAY_ECko3tWYPYlUwQiDGe3sKoOn9oMPkgRdV6FKOHSbYsJeHMjPSw5gs6koEEjXcNWQWaRTdyyhOzYMl50v7OCIspbTCtsqSUGf7Ad_tYOF9hRvTiAjsoJUoVMvHDuXfiqrf8GX8w5orR9q0BTuLONkRBF21ZznqpHBXVK6FgVfjI-V4YrjNo83ssBGTINo1M64h6Glst9pdZ7FHlnLK_Xcjt1Nh7dH5UWPz4N4SFfoHabd-sJNgt3KAxDgUd9cJsvF8k2LBLrHofrfIY0E2CQOpnt3nh84I808XcuK6nMS75raSNFBZVmXng4aixKRuG1USDQ7nxXzdQ4oqRWEmSjtm7rE0q1a_SdCCH5PftzKgdVAP0paprwpcDcAwCU8sRijntQjtfFCQIIOUZ1GzeQKqNouSAHnmn5TQUtFM7fhoAPt8WGJtPl8cQ-i4G8URpqQ
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.199.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-199-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
eu.sportradarserving.com/ul_cb/content/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_3... Frame F9CD
Redirect Chain
  • https://eu.sportradarserving.com/content/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi...
  • https://eu.sportradarserving.com/ul_cb/content/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCO...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/ul_cb/content/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfujNRNG3zKNrbfpwYPcf7FfT3fn7vopsjFfboV5Xa9n6GYA1eMn2EqVYG4vkiVjS-zUyxLqd3jLibUZHZx9_5nrQTe3yla8c_rUcK4sZpqdkj2864aMRrymiDn8l-rGW11cJasXMepR-qdhOF6KOS9fkDAlDWudgP9nyGftHEgHIRGa_y9rtU3ylZtECWxPmBX1nSfH6-5uvRgTbxPvJL4gTOMoKfE3LODYjkfDQX7cSKN0QtbsDn22ZlsXe8W4Fbaa1Mdiy8Rn12TDk5c1ZxKSAkIdP3eLyD6xkGGJa0wihsHI2NyHiz6ARm_bTK-jaxkQWpUA1QF2tTfQb1qTh1w90m7bPo_kl9maI5QaMX7aNIt45KIFq3pN8kVUk6RG2YPdYLuVWAM8cdlLPMG6jf1qmYjal3c77Eqe5rZ6L5ms1G0IOQCzwA3V0mW35o_uB_exF98hL7Xqy03XXAY_ECko3tWYPYlUwQiDGe3sKoOn9oMPkgRdV6FKOHSbYsJeHMjPSw5gs6koEEjXcNWQWaRTdyyhOzYMl50v7OCIspbTCtsqSUGf7Ad_tYOF9hRvTiAjsoJUoVMvHDuXfiqrf8GX8w5orR9q0BTuLONkRBF21ZznqpHBXVK6FgVfjI-V4YrjNo83ssBGTINo1M64h6Glst9pdZ7FHlnLK_Xcjt1Nh7dH5UWPz4N4SFfoHabd-sJNgt3KAxDgUd9cJsvF8k2LBLrHofrfIY0E2CQOpnt3nh84I808XcuK6nMS75raSNFBZVmXng4aixKRuG1USDQ7nxXzdQ4oqRWEmSjtm7rE0q1a_SdCCH5PftzKgdVAP0paprwpcDcAwCU8sRijntQjtfFCQIIOUZ1GzeQKqNouSAHnmn5TQUtFM7fhoAPt8WGJtPl8cQ-i4G8URpqQ/
Requested by
Host: www.file.io
URL: https://www.file.io/error
Protocol
HTTP/1.1
Server
3.124.199.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-199-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Redirect headers

Location
https://eu.sportradarserving.com/ul_cb/content/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfujNRNG3zKNrbfpwYPcf7FfT3fn7vopsjFfboV5Xa9n6GYA1eMn2EqVYG4vkiVjS-zUyxLqd3jLibUZHZx9_5nrQTe3yla8c_rUcK4sZpqdkj2864aMRrymiDn8l-rGW11cJasXMepR-qdhOF6KOS9fkDAlDWudgP9nyGftHEgHIRGa_y9rtU3ylZtECWxPmBX1nSfH6-5uvRgTbxPvJL4gTOMoKfE3LODYjkfDQX7cSKN0QtbsDn22ZlsXe8W4Fbaa1Mdiy8Rn12TDk5c1ZxKSAkIdP3eLyD6xkGGJa0wihsHI2NyHiz6ARm_bTK-jaxkQWpUA1QF2tTfQb1qTh1w90m7bPo_kl9maI5QaMX7aNIt45KIFq3pN8kVUk6RG2YPdYLuVWAM8cdlLPMG6jf1qmYjal3c77Eqe5rZ6L5ms1G0IOQCzwA3V0mW35o_uB_exF98hL7Xqy03XXAY_ECko3tWYPYlUwQiDGe3sKoOn9oMPkgRdV6FKOHSbYsJeHMjPSw5gs6koEEjXcNWQWaRTdyyhOzYMl50v7OCIspbTCtsqSUGf7Ad_tYOF9hRvTiAjsoJUoVMvHDuXfiqrf8GX8w5orR9q0BTuLONkRBF21ZznqpHBXVK6FgVfjI-V4YrjNo83ssBGTINo1M64h6Glst9pdZ7FHlnLK_Xcjt1Nh7dH5UWPz4N4SFfoHabd-sJNgt3KAxDgUd9cJsvF8k2LBLrHofrfIY0E2CQOpnt3nh84I808XcuK6nMS75raSNFBZVmXng4aixKRuG1USDQ7nxXzdQ4oqRWEmSjtm7rE0q1a_SdCCH5PftzKgdVAP0paprwpcDcAwCU8sRijntQjtfFCQIIOUZ1GzeQKqNouSAHnmn5TQUtFM7fhoAPt8WGJtPl8cQ-i4G8URpqQ/
Date
Sun, 08 Jan 2023 22:19:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
eb2.3lift.com/ Frame 72C5 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=53298
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 08 Jan 2023 22:19:51 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame B043 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:19:51 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B043 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:19:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B043 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 03 Jan 2024 22:19:51 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B043 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 03 Jan 2024 22:19:51 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame B043 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=r8qNQ0j-BECFERacJk0cJsmcFU1bNp7odxMyom0JBssz-dbnwcKszJWPkL9q4XAy-7tEDAIfPwWXZPhqiEepptlsKCm-v9q62eDBEIo64BoZA7z4wVBja2y1ou303phtei_Dw-Q0hgbbR4LAchSjSbk7FyS10vLlV3q-ho5l-xi044agCJLSzZGd5cgMKByPvIvmaHR6P_HYxQZdSb1utZ0ZAWkkJivxzsJDeaH91iBjNngdU7tso7nJejK9VlHC1F2TvYPCXC-mnbPvJVKNlG8FJurKL6woS0eSqoV8yy57CKGUU8dH7QgQF7bRMoo4IzN6RKYh8arqwJdvLB4oy30saBY07DxBynkK9SUD6jP8kWQ-4lZT0I-hnD2t6ZNOPg0AckERL2GHdSGQCQEnu-qi3kNEO1kCdouo13cZ5Z_WHejEA2hE0t8pU-O_NYXYtjaySA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1968031
expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A849 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-Q1KNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 18E0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 18E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCNXU68Y-14-JTJN
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCNXU68Y-14-JTJN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5610C874B47844839F2E363AC0E16722 Ref B: DUS30EDGE0711 Ref C: 2023-01-08T22:19:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxyAysifVrpBiVnWV3bw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCNXU68Y-14-JTJN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 18E0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T063aLPRTE-LeBK_6sj1sA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T063aLPRTE-LeBK_6sj1sA
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T063aLPRTE-LeBK_6sj1sA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KJQCKMHVBHQEKHNN8C37
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T063aLPRTE-LeBK_6sj1sA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 18E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK22owvq9tnKOg4WwWz1wDc&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK22owvq9tnKOg4WwWz1wDc&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK22owvq9tnKOg4WwWz1wDc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 18E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WosyHfyUDz5g-J0-vvYhnsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bYS3lWpE2oJkEg_dumELQowLEPHYhwosuNhcFA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bYS3lWpE2oJkEg_dumELQowLEPHYhwosuNhcFA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bYS3lWpE2oJkEg_dumELQowLEPHYhwosuNhcFA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 18E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI0ZjAyY2JkNzFjZGMzZTIyYWE0NGMzZDIyNmEwODk2ZGM0MDkwOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI0ZjAyY2JkNzFjZGMzZTIyYWE0NGMzZDIyNmEwODk2ZGM0MDkwOQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI0ZjAyY2JkNzFjZGMzZTIyYWE0NGMzZDIyNmEwODk2ZGM0MDkwOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 18E0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sGv5UeoISa6jeLJP1YR7qg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sGv5UeoISa6jeLJP1YR7qg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sGv5UeoISa6jeLJP1YR7qg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KE6Y1G4RQR85CVTZ1S14
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sGv5UeoISa6jeLJP1YR7qg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 18E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENOWFU2OFktMTQtSlRKTg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENOWFU2OFktMTQtSlRKTg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENOWFU2OFktMTQtSlRKTg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9311 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 09 Jan 2023 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9311 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 19:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 09 Jan 2023 19:53:05 GMT
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=venatusmedia_RON_970x250&aid=27973226161691471493230&rev=2369ca4&pr=%24%7BAUCTION_PRICE%7D&bc=0.275&bmid=7963&biid=7290&sid=149752&brid=565226&adid=59848&crid=74556660&ts=1673216390&bcud=275&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=72128
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
l
www.google.com/ads/measurement/ Frame 8FB9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5a800SF9YuEXlYonP2kDk75S3vFd2N1sWnUafVBlRDfpRm95yDXbgGXObrqjQd-6XPpfQcCdbgfeWPIUxdXIjb_hyqA
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FB9 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:19:51 GMT
truncated
/ Frame FAAD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a19504a816ccd4b9951187cfb9e077c2dde9ac68b8a61617439e407008a499b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/png
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 08 Jan 2023 22:19:51 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.1375&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=3216391770
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
45ee5308145d13cc0880c3adb8beda01496af15b80e2a956caf1e94980908aab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.244.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-244-55.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=46651&t=1673216390&cip=138.199.38.133&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=fa4f9e35d536fe43d1f37e489584aa17&d63=fa4f9e35d536fe43d1f37e489584aa17&aafaid=&proto=https&uid=1673216390902-930099590237-006468-011-008621&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.71&cb=25994494405&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.38.133&cd18=50.11880&cd17=8.68430&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1673216391772&asid=5ff6ed8d06e9773265718a49%2C633ae81e14ba3a033d3a0fd6%2C60215b2a3cfdb257402901c4%2C5ffffc9e712b1564036ba7e2%2C5ff87336239c6c7fd600e1b5%2C61af25280e1fa51ae52bd659%2C5ff5868b4c1613054b3b5ee4%2C5ff48b20d0a41e5853490d69&ofpr=0.49%2C%2C0.49%2C0.49%2C0.49%2C2%2C0.49%2C0.49&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=46651&t=1673216390&cip=138.199.38.133&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=fa4f9e35d536fe43d1f37e489584aa17&d63=fa4f9e35d536fe43d1f37e489584aa17&aafaid=&proto=https&uid=1673216390902-930099590237-006468-011-008621&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.71&cb=25994494405&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.38.133&cd18=50.11880&cd17=8.68430&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1673216391773&asid=6245a97f138a392b6f34aeb8%2C63a1c97d9fc0bb7a1703e25c&ofpr=%2C2.1375&fpo=%2C&ri=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=74799637301&lsavail=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1673216391780&pKey=-148747522&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.file.io%2Ferror&playerSize=440x247
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:51 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1673216391792002-592
Expires
Sun, 08 Jan 2023 22:19:51 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.file.io
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
307068
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/307068?src_sys=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 08 Jan 2023 22:19:51 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005306
X-SpotX-Timing-Transform
0.000281
X-SpotX-Timing-SpotMarket
0.005306
X-SpotX-Timing-Page-Require
0.000347
X-fe
138
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002614
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.009757
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000306
Last-Modified
Sun, 08 Jan 2023 22:19:51 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.file.io
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000011
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000870
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
truncated
/ Frame 8FB9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1524b8dcdc09aac2e16e894c6c9bfc102b7fb0c47d9250e05eebcf79335e8fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame BECB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:51 GMT
expires
Sun, 08 Jan 2023 22:19:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:51 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B043 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2084444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nVHv%2FxWGeS7kIjb%2Bm6CWH0D5iz4HX7z1Cwucl0RRc2hziSHMDsoX3ystlF1DpbC8Nz2uwnY%2BVBnTTe88V0ENntU%2B8HTLJ7B1NwwXI%2FuJTDlm6LBvBz4n5QizRWG7%2F9dixiV2iYcP1sqP8VfTeRsKbx0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
786851313e075c6e-FRA
expires
Fri, 29 Dec 2023 22:19:51 GMT
animejs.js
static.criteo.net/animejs/ Frame B043 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:19:51 GMT
b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame B043 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 24 May 2018 07:59:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0670fe-dec4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:19:51 GMT
7e8aad33febb4921b3e1204c9924fd57_casanspro_bold.woff
static.criteo.net/design/dt/ Frame B043 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/7e8aad33febb4921b3e1204c9924fd57_casanspro_bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
069ac261a5bec6cac5978302a18ae038b0e052511723603810566a6d5213a6b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 24 May 2018 07:59:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b0670fe-df40"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:19:51 GMT
76ebd925976842d8870b8fbb3c8bae02_cpn_970x250_1.gif
static.criteo.net/design/dt/942/221223/ Frame B043 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/942/221223/76ebd925976842d8870b8fbb3c8bae02_cpn_970x250_1.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78f8e33aa2e615271beebc50e4ec060d39111f1c4d39042c7782127903fecf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 23 Dec 2022 13:09:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63a5a87c-81d2"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
33234
expires
Wed, 03 Jan 2024 22:19:51 GMT
img
pix.eu.criteo.net/img/ Frame B043 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=942&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F942%2F221114%2Fba47502d2ebf4f46a3d4ebd48937a5bb_c-a_logo_black.png&v=3&w=356&s=GcPY_wu6jScQLlnpNjW8jsju
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
31d6a2340eead2575906fcd05e04f4bc3682f02f64b3b32351f9b1211185c859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28971326
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20327
expires
Sun, 10 Dec 2023 05:55:18 GMT
img
pix.eu.criteo.net/img/ Frame B043 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1663837377%2F2188205-1-01.jpg&v=3&w=800&s=LYmQPaUPOa-A3EO32TVTv4Oq&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3daeb56d733521af5ae739faf4ca496ba714db70e736442e160906eba5c8712b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30469712
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11242
expires
Wed, 27 Dec 2023 14:08:24 GMT
img
pix.eu.criteo.net/img/ Frame B043 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1664871141%2F2184370-4-01.jpg&v=3&w=800&s=n-EDc1iFzdjutx_4Pzyvxd2R&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
232363d3a721ad9d32241a247a74bc910f56f7e8de0d628e1b3fab5b131e96f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30126641
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13726
expires
Sat, 23 Dec 2023 14:50:33 GMT
img
pix.eu.criteo.net/img/ Frame B043 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1666084911%2F2190832-1-01.jpg&v=3&w=800&s=CtXXACuEh7BzvktCPrRKqet3&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
65f49c7266b784a90a83c26915d751bc966ab715c49c5a1abe5be9999bdb6789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29851390
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22268
expires
Wed, 20 Dec 2023 10:23:02 GMT
img
pix.eu.criteo.net/img/ Frame B043 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1668764655%2F2140884-1-01.jpg&v=3&w=800&s=wYxVLZqtIPi3VdcUtcEtDn3t&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
5119a9c5ed6ef7293c4158e492c42037d65a3ace653adce8ef9ee44d3ad3f1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29762520
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16790
expires
Tue, 19 Dec 2023 09:41:52 GMT
all
csm.eu.criteo.net/ Frame B043 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=jWmZUYbGWi0HUvyNQhnejpkGwvb5KqYh3eaCpydx5oMZ-S5Hzt7zs3-1xnBmpCAREEayiRX3V_d-vb7TdyMXAwhaZdQyg-8KOxPATqjERutm0CzQofS04I_-lfI-KupSM5e3t4xWZnxtiCleBU7nda0-Mct82Pba9JVSL-uY1GWyBf_rxyLtaPxzqwoE20kWPsoHk3vasOWQ5gvaEtoBKYOFMdz4On7tz2SRHeJ2Yq2TP157bAlgsLnHoPDNYcqqv68U-w&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B043 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:19:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B043 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 22:19:51 GMT
truncated
/ Frame 9311 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29068075dd38ffbcda6046934a1d64140c8822b1fa5e84d0c31bd7a4f0a6e1bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/png
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 08 Jan 2023 22:19:51 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.1375&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=3216391962
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
45ee5308145d13cc0880c3adb8beda01496af15b80e2a956caf1e94980908aab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.244.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-244-55.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=46651&t=1673216390&cip=138.199.38.133&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=fa4f9e35d536fe43d1f37e489584aa17&d63=fa4f9e35d536fe43d1f37e489584aa17&aafaid=&proto=https&uid=1673216390902-930099590237-006468-011-008621&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.71&cb=25994494405&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.38.133&cd18=50.11880&cd17=8.68430&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1673216391963&asid=5ff6ed8d06e9773265718a49%2C633ae81e14ba3a033d3a0fd6%2C60215b2a3cfdb257402901c4%2C5ff87336239c6c7fd600e1b5%2C5ff5868b4c1613054b3b5ee4%2C5ff48b20d0a41e5853490d69%2C5ffffc9e712b1564036ba7e2%2C61af25280e1fa51ae52bd659&ofpr=0.49%2C%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49%2C2&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=46651&t=1673216390&cip=138.199.38.133&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=fa4f9e35d536fe43d1f37e489584aa17&d63=fa4f9e35d536fe43d1f37e489584aa17&aafaid=&proto=https&uid=1673216390902-930099590237-006468-011-008621&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.71&cb=25994494405&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.38.133&cd18=50.11880&cd17=8.68430&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1673216391963&asid=63a1c97d9fc0bb7a1703e25c%2C6245a97f138a392b6f34aeb8&ofpr=2.138%2C&fpo=%2C&ri=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cdb
bidder.criteo.com/ 		18 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0&cb=87245277688&lsavail=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.file.io
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
307068
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/307068?src_sys=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 08 Jan 2023 22:19:51 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004758
X-SpotX-Timing-Transform
0.001419
X-SpotX-Timing-SpotMarket
0.004758
X-SpotX-Timing-Page-Require
0.000320
X-fe
115
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.004028
X-SpotX-Timing-Page-Cookie
0.000019
X-SpotX-Timing-Page
0.011706
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000276
Last-Modified
Sun, 08 Jan 2023 22:19:51 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.file.io
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000873
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1673216391970&pKey=-148745631&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.file.io%2Ferror&playerSize=440x247
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:52 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1673216391867098-561
Expires
Sun, 08 Jan 2023 22:19:52 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Staubsauger-min_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 9311 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Staubsauger-min_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0175d5dc8547bd8c88dcde5c30989501e8cdf8198d5aed2e1174be7302c5ac97
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45422
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
Wascher-min-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 9311 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Wascher-min-min.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54513bce8858a826bd462343383985c6edfbea43269d206f1923e3f7f9f53c04
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58974
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
Laptop-min_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 9311 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Laptop-min_3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbdb949095dbbbd9191f9b2a846a9a5351ad32f6aae45a96ac2548623e826503
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24891
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
TV-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 9311 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/TV-min.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0ea1049a19b857a18d434d1dadaccf848784fe4d9a7218b1261e91a343139b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47755
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
Packpapier-min.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 9311 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Packpapier-min.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
120fd27087495fe58d4e9a22403aaf16970d830ebd8d42eec26632a8268fd75f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145835
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
c
prebid.a-mo.net/a/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c1e44be0ab6ae787ba90277ff7f578d1a351cbcaad4ee262c667b963a2d7bb3f

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5381bd9b9e0774fc2d064c9449cdcbe210fd9afe572ef691a467d3e45168b791

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3c71fbc2708dd2077ace7f0718c708693494668bb3a84cfaf2292a7e27e296d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:52 GMT
AN-X-Request-Uuid
35850d4e-ad68-494c-9dd8-e4a5481dc2dd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Ferror&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
accept-ch
user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.26.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-26-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:52 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221527242a017eeadb%22%3A%225c3986d1c2b45d45777d%7C970x90%2C728x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Ferror&s=485b8aeb-2775-45ac-bc0d-a78317870e9e&pv=a24bd912-c608-4122-a1e2-b7cc0b7b18cb&vp=desktop&lib_name=prebid&lib_v=7.17.0&us=8&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22211a412b-067a-4023-87bb-5d922dcc91d8%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
2d4318673557e90ac7ec4ebe69b37a3cf349205042d9024f2cf336c8c1a84e92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:52 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-9
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
596
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
44e5a3fb0ff585db5b61c70b6ad6153a057555268d6177896b6ea8b26e334768

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 07 Feb 2023 22:19:52 GMT
pbhid
id.hadron.ad.gt/api/v1/ 		132 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6232601ee6ce1b8c152a7cc91d87d754d1e6e4050d4bbe81cddd77864af9e2c

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
cf-ray
786851337b822bb6-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F247 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B151 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E9B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b1014b44d513bcae9c0d9ff4d97d5db&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2703_7186409682771570967&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:52 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1673216392460029-575
Expires
Sun, 08 Jan 2023 22:19:52 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
cc02474483461eeddcec8934b479585923c1f29a4837bdccd7fdb74b823388ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
258.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f7b7b3564951f4918896ad036986f09049f40deb96f6466da76b52ed2ddae04c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
track_enc
track.venatusmedia.com/dual/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.247.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-247-181.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:52 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=562308737895755&correlator=1699892829004416&eid=31071460&output=ldjh&gdfp_req=1&vrg=2023010406&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373748f889c301e8e7ad579&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=5&adks=3931764840&didk=389257082&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D6373748f889c301e8e7ad579-1008%26hb_iv%3D1%26sv%3D1%26re_ve%3D4c63ce45-v7.17.0_fo%26pg_ld_id%3D08b5e099ca7c47d220d1284be5105e63%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373748f889c301e8e7ad579%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dccf08f086937fec6617c3318fe30ecc5%26st_ty%3Dhorb%26bf_br%3D19300000%26af_im%3D19300000&eri=1&sc=1&cookie=ID%3Db5e2840fb85cbdef%3AT%3D1673216389%3AS%3DALNI_Ma5uX_fO4gjVgVbAvqCj8Qv5GvkWA&gpic=UID%3D00000b9fd994ff8a%3AT%3D1673216389%3ART%3D1673216389%3AS%3DALNI_MZHGwcrD7Vr4_bEaBu9JSojaP7rCQ&abxe=1&dt=1673216392381&lmt=1669217203&dlt=1673216388585&idt=1325&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Ferror&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=807635971.1673216389&ga_sid=1673216390&ga_hid=1867643623&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1acdbb2be0e53f823be920e3d1c3a6b22c1956e100f5b792a5077131f52a017
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-80OWAufwCFdOC_Qcd0pIFxQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/15621291058250383360/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-80OWAufwCFdOC_Qcd0pIFxQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/15621291058250383360/index.html
date
Sun, 08 Jan 2023 22:19:52 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29139
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010406&jk=562308737895755&bg=!YGOlYyfNAAYDMoyoIzI7ACkAdvg8WiUAK3KRzdmodaWId66bixNq8G6sXPxb-SW1sv_G0jIBPAM-mAIAAALbUgAAAANoAQeZAqri0u7zpVEdppEJN0JKD_f3rwyAlJR4QBo0S8AbE9qQT6ZaeAzC8zaYk8sm8buPDDkpWXO1fjqmXY6bT0QvJd9sIDMUdvYaStt8PVOdUxQcWRfq02LYokrKZ5unkiOs28V-CicZgQur8LRcn7Hf6mAXGjaYQTBCcul0l3E_t74Yhi-e4dOjBb_dXZhRn8e9Gdy1Kmzj6GID8B2048sXyv_cMSTLGSHYzHQX7eEzxwChSNeZa3JMdcmTxbm0GylT5_KtHiNfM3yOIYrt-MTRFJmUAXO0HRjqH7hLJOm4zUoe8EZua3k8UBTr8fJWDrglYy3VLkq2esT04Pj_JZkgqGNwQpG8KRih-agMQdVaTztzQNWS0J-XIoDDnkiUdz7wXub87UIEdW0yKmtQjikCwalPYuzHj6YO2ybrVr0QQvgwgvqUrKB548OyW9nO0-tIJuvac_j7idQriGTmliMv_x3Fk_5WNJqi7a0s4se1f1QpEiMZa-zQyrs2WiJE7-rXHZRSoueEKTVUYQaInUnOqBMU3f77hBIvCuK948bb4YQMtNf93epukGZSZ7S-KavHEeiFtdI1sxMX4FIgRjjafusW48lb9i1d5iVbMQl72_DOumDcQ-loHvgT6EtiO39atm6oNg7jk6V46IMlDbLlx6PV-QYxEBwvdMDyheH_9GKqOtwlOm_fWpDr8xvhi5GWSLhP4JAgQjAuCniWTbF_xiEwU-IMZq3guddnQY-8OeV7u-hlJjn_twNc8UqiHAbZ_McUCZ8GBDnQXawUIvz0y9aQ-YPHBD5QCnWPHXZdWy2dkXGi6gwqZgLZ_D3Kyrn3TZZSdfqbCMoNvqpJ-Zb_dNNfEKU5XDLUvhb7KC59uenhHWjgEfQmgimije2tCEKgRpb2h5isViGOC3B_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
page-data.json
www.file.io/page-data/about/ 		0
633 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/error
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:38:37 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
QK6XEBQRZ111Z9XH
x-amz-cf-pop
FRA56-P5
age
52876
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
7QrABqrc6SjWQEOiOTmLRXZO4M0HNjNR14ugc33SGMThkAp6UEJ8i81Q1pdIqH1mrYwWcpsyM58=
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
55iyIYyxSGYeVfrvxlXYAKUOqBWNvncgVWjnG247Gb0qjSckKtVKcA==
page-data.json
www.file.io/page-data/signup/ 		0
624 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/error
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:41:26 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
BAK46XFWK3ETJWKE
x-amz-cf-pop
FRA56-P5
age
52707
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
rF0X9U+U8eFexYJ2Ocs64LVJCmzC/Jm+wHtkkPf/Z/JnAR0FAvCI9FZFbpwDWBIaaVBNNbYXsRs=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
967bUZn8ERq50tPk_cC8J5DEq83cPA7e3Qm7dfgRqbgpfvUKqiuKQA==
page-data.json
www.file.io/page-data/index/ 		0
637 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/error
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 05:03:47 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
GCB18XFE0G2Q1JH6
x-amz-cf-pop
FRA56-P5
age
62165
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
fY32zxIDJDyiB34HejtX3b05vqHB9uMEMI6nElEg0E0jxO3Ejs4Zg/mCdKMZxMGSw1WUFKe8t1s=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
9o7S79qPxclDKp5jIdGG8Kukb_6sp9Tu0J0mMuzegH1VCp9trAj6OA==
page-data.json
www.file.io/page-data/login/ 		0
617 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/error
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 08:31:47 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
4WTEPF3YT3S004WM
x-amz-cf-pop
FRA56-P5
age
49686
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
BoRH2o/bm9DHDE2KlD3QE85kKCIxfO8EHfpXr0C9i9dfHZ/51kI1X45hfHRWs5Xwel0mxiPsBTg=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
SaKaFQ5xmHtrZQcqwACF_-HMub9laBpOVFirs-BltbqH8qgK2nye6A==
page-data.json
www.file.io/page-data/signup/ 		137 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:41:26 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
BAK46XFWK3ETJWKE
x-amz-cf-pop
FRA56-P5
age
52707
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
rF0X9U+U8eFexYJ2Ocs64LVJCmzC/Jm+wHtkkPf/Z/JnAR0FAvCI9FZFbpwDWBIaaVBNNbYXsRs=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
6GdukT6sTXuojWy5BmWnRWoAxPzxNNbFPWQIxAMO4O-CUWT9L1S2vQ==
page-data.json
www.file.io/page-data/login/ 		135 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 08:31:47 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
4WTEPF3YT3S004WM
x-amz-cf-pop
FRA56-P5
age
49686
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
BoRH2o/bm9DHDE2KlD3QE85kKCIxfO8EHfpXr0C9i9dfHZ/51kI1X45hfHRWs5Xwel0mxiPsBTg=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
JrET7t1F1MwFV-QG3p2ALtWLvG1XPHKm1kPhrCH4RuO_lwviUmQZmw==
page-data.json
www.file.io/page-data/index/ 		154 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 05:03:47 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
GCB18XFE0G2Q1JH6
x-amz-cf-pop
FRA56-P5
age
62165
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
fY32zxIDJDyiB34HejtX3b05vqHB9uMEMI6nElEg0E0jxO3Ejs4Zg/mCdKMZxMGSw1WUFKe8t1s=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
cCe-bF76znAqUuEEqvciPl8FZKe6q5BU0Q0RCScQLYim5yuGhCFfIA==
page-data.json
www.file.io/page-data/about/ 		147 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:38:37 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
QK6XEBQRZ111Z9XH
x-amz-cf-pop
FRA56-P5
age
52876
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
7QrABqrc6SjWQEOiOTmLRXZO4M0HNjNR14ugc33SGMThkAp6UEJ8i81Q1pdIqH1mrYwWcpsyM58=
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
5j3zvpXNXMeIl_G-0jmKEQq7ecaU2rAdJnxguHFrv3F4cvgoktUGDA==
component---src-pages-login-js-4334d2f9cc13bc6425f6.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-login-js-4334d2f9cc13bc6425f6.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 00:46:13 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
ZAWGV2WYSMDE82H0
x-amz-cf-pop
FRA56-P5
etag
W/"5846b26616c0b2bb2d33c186d91ddb78"
age
2583220
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
kze4Aa_wmYY8FsY_GtcpQl5JidwxifMTdH1dM9ommSCH7d1F1xkj5Q==
x-amz-id-2
G79SpIakHsP6uk/NMqgUkf7fVRaMU/owZaAhY+Nvqkj1WR9G3NdkgMPMTIAVjrQHJsE++UAlVXQ=
component---src-pages-signup-js-6276362a910cd31f83ca.js
www.file.io/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-signup-js-6276362a910cd31f83ca.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 11:19:36 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:42 GMT
server
AmazonS3
x-amz-request-id
1TT0WEW22NCFAD3J
x-amz-cf-pop
FRA56-P5
etag
W/"f532f8654ef9d6e2ccba95d194e45cc2"
age
1508417
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
tEp-VRJ8fJAnG6bedO-xSOpWbNrpVo9UQJxrSrjkLEbHez0Z6yGb8A==
x-amz-id-2
+FUI67G00qTuBRkE1NaLXcH+hG/mzY+lNxdQ4b7uZlHDFQYTlEfsJxRVfMHZbcrCbEfaPL+pGhE=
component---src-pages-index-js-6f342476ad3d7376370b.js
www.file.io/ 		0
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-index-js-6f342476ad3d7376370b.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 00:48:52 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
82BS71YKTF6KP5E0
x-amz-cf-pop
FRA56-P5
etag
W/"a815a80bb57be2461e02b661e195f1f8"
age
3101461
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
6p3DmihhYjEkyUslyIZnbCcUbwfg850GVheU8vBD-ol_UrR_DuJDgg==
x-amz-id-2
I7Ugu6g4QZUmqj5OuyA5z+pqGiPQKqOk76kxq1Jc3bLAvkLCFxOx+hBHGhcijhCY33DYpMIwjDk=
component---src-pages-about-js-e796be312b3f5a0e66a9.js
www.file.io/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-about-js-e796be312b3f5a0e66a9.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 01:08:18 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:40 GMT
server
AmazonS3
x-amz-request-id
CQ10MB7C5K784YQ5
x-amz-cf-pop
FRA56-P5
etag
W/"9bb0618c91746ad73fe92abe83c168d2"
age
2322695
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
fad-3NwOOEpR3pTieBTjLHl4PcjHQyMGDHffb34ngLhWocbhdMuX3Q==
x-amz-id-2
GgtelOZX+gkXGknflrWy2RTp9aaS7gfIsUD3G8s2a5lFWdgyTl6KWxCvYIEWf9gAua1Uvb67W74=
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=venatusmedia_RON_970x250&aid=27973226161691471493230&rev=2369ca4&pr=%24%7BAUCTION_PRICE%7D&bc=0.275&bmid=7963&biid=7290&sid=149752&brid=565226&adid=59848&crid=74556660&ts=1673216390&bcud=275&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=61383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
container.html
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3329 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:50 GMT
expires
Mon, 08 Jan 2024 22:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
421833
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HFDaSHxyOExQdERYL0MzTXF5UlphdXZIL054YjVGZGxZM3VzbFNGRWZ3S3VPUytXbTU1cyt3T0NiYlhwOW5wV1U5eVo5c09ic29wOVl5VlB5ais2R1EyNUJQOE1SSFptTnJmOUFsVWRYQTgrUUhKbHgxTFFLZzJlV2RwdW...
333 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HFDaSHxyOExQdERYL0MzTXF5UlphdXZIL054YjVGZGxZM3VzbFNGRWZ3S3VPUytXbTU1cyt3T0NiYlhwOW5wV1U5eVo5c09ic29wOVl5VlB5ais2R1EyNUJQOE1SSFptTnJmOUFsVWRYQTgrUUhKbHgxTFFLZzJlV2RwdWNCaVJRU1BLSUdxay9jMlN1VXpqTFA5SFlNVmc4RjJTL0xsbFFIamNTV3Y5N2xGNGxaVWhBeHNjWE5VVHRrYVZ2QmJ5eFpVQmRyUER1dll1M1ZjUXJ2MTJCT1dMei9PRmx4Tzg1d2lzWERKL0M5OHhwNDBWVzJUVHVRVGJEOU4xRDcvMGx2S2cvfA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
85aa70828130672094e1d2cb75bfc4739f49200c147c41be0d9640367362c414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1573888
expires
0

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=HFDaSHxyOExQdERYL0MzTXF5UlphdXZIL054YjVGZGxZM3VzbFNGRWZ3S3VPUytXbTU1cyt3T0NiYlhwOW5wV1U5eVo5c09ic29wOVl5VlB5ais2R1EyNUJQOE1SSFptTnJmOUFsVWRYQTgrUUhKbHgxTFFLZzJlV2RwdWNCaVJRU1BLSUdxay9jMlN1VXpqTFA5SFlNVmc4RjJTL0xsbFFIamNTV3Y5N2xGNGxaVWhBeHNjWE5VVHRrYVZ2QmJ5eFpVQmRyUER1dll1M1ZjUXJ2MTJCT1dMei9PRmx4Tzg1d2lzWERKL0M5OHhwNDBWVzJUVHVRVGJEOU4xRDcvMGx2S2cvfA&cppv=2
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
528235
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
44e5a3fb0ff585db5b61c70b6ad6153a057555268d6177896b6ea8b26e334768

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Jan 2023 22:19:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 07 Feb 2023 22:19:52 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FAAD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaXBngpacOGQJVXOTH8LA6Tzcl0O2FeMD2ShzPjPuPYf69QHslqqAvW35y3T5RRx2pAtsro1vhJKw94_J0z3Rli40&sig=Cg0ArKJSzPql_h6geENVEAE&cid=CAASF-Ro03yfO78TsyFRXq2suVywy3erklkF&id=lidar2&mcvt=1013&p=138,315,388,1285&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1730059972&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673216391132&rpt=631&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame 1E66 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 08 Jan 2023 22:19:52 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 429E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3B5E 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 08 Jan 2023 22:19:52 GMT
sync
eb2.3lift.com/ Frame 534C 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 08 Jan 2023 22:19:52 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F6D7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 08 Jan 2023 22:19:52 GMT
ETag
"623de86a-cf34"
Expires
Mon, 09 Jan 2023 22:19:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 46B1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 853D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 08 Jan 2023 22:19:52 GMT
ETag
"623de86a-cf34"
Expires
Mon, 09 Jan 2023 22:19:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CD4A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 08 Jan 2023 22:19:52 GMT
ETag
"623de86a-cf34"
Expires
Mon, 09 Jan 2023 22:19:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FF1A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 08 Jan 2023 22:19:52 GMT
ETag
"623de86a-cf34"
Expires
Mon, 09 Jan 2023 22:19:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8DDF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 08 Jan 2023 22:19:52 GMT
ETag
"623de86a-cf34"
Expires
Mon, 09 Jan 2023 22:19:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7806 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 08 Jan 2023 22:19:52 GMT
ETag
"623de86a-cf34"
Expires
Mon, 09 Jan 2023 22:19:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91FD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F092 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 08 Jan 2023 22:19:52 GMT
ETag
"623de86a-cf34"
Expires
Mon, 09 Jan 2023 22:19:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D9FB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7044 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112684
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
Tue, 10 Jan 2023 05:37:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 99F0 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 08 Jan 2023 22:19:52 GMT
sync
eb2.3lift.com/ Frame A664 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 08 Jan 2023 22:19:52 GMT
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ 		47 B
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KRH2Q8T82NN9QA3EFJXQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-p0ip3OZE2uEc_H2yu8dljBUTKyjKo7VYUv_1.FA-~A
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-p0ip3OZE2uEc_H2yu8dljBUTKyjKo7VYUv_1.FA-~A
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-185
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-p0ip3OZE2uEc_H2yu8dljBUTKyjKo7VYUv_1.FA-~A
date
Sun, 08 Jan 2023 22:19:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Mzk2ZDU4OTItYTc2OC00MzQwLTg4M2EtMmJiOTAxMzhiMTRj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOvCgWVmaIOYTygxwUJHKi8&google_cver=1
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOvCgWVmaIOYTygxwUJHKi8&google_cver=1
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-126
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEOvCgWVmaIOYTygxwUJHKi8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=dd559210-d150-4357-aa82-bb816a971c38&google_hm=ZGQ1NTkyMTAtZDE1MC00MzU3LWFhODItYmI4MTZhOTcxYzM4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEC2NLYtx6fA6_cV0HYyMILQ&google_cver=1&ssp=sonobi&bsw_param=dd559210-d150-4357-aa82-bb816a971c38
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dd559210-d150-4357-aa82-bb816a971c38
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dd559210-d150-4357-aa82-bb816a971c38
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-112
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=dd559210-d150-4357-aa82-bb816a971c38
date
Sun, 08 Jan 2023 22:19:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523736712215
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523736712215
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-155
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523736712215
Date
Sun, 08 Jan 2023 22:19:52 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 08 Jan 2023 22:19:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=396d5892-a768-4340-883a-2bb90138b14c&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RDhaZl9seWpqNjgyS3BYcGtxQzRSUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEICa61Pmf4oQotmU9IRCaPA&google_cver=1
49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEICa61Pmf4oQotmU9IRCaPA&google_cver=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6449ff7c76-nfghl
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEICa61Pmf4oQotmU9IRCaPA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ca8163bb-4188-4a00-a79c-5c36fafc315a
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ca8163bb-4188-4a00-a79c-5c36fafc315a
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-107
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Jan 2023 22:19:52 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ca8163bb-4188-4a00-a79c-5c36fafc315a
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 08 Jan 2023 22:19:51 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 3DCE 		1 MB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f11eba7f0f5d650cf1b17accd01feca8f5a7d7fad633f793f5360d65e03ed9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
235187
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
72569
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 05:00:05 GMT
expires
Sat, 06 Jan 2024 05:00:05 GMT
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3329 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwqt4iEG7Y6_YGtOF9u8P0qWWqAysotyGbpa48tzgEJro0uCyARABIIOb02lgldKegrAHoAHUo4fcAsgBCakCPJNFBMrbsT7gAgCoAwHIAwKqBPIBT9AAY8n0BKBNEUbKxw6Aj_CNE6N5T0L70xJe7T2r20NrFjkgMuz7xvm2nv7rENV7Xeb7zNLQ-uNcsd9MxhvikGghyuPkUJWryiUY1Xy3CHWH7iDH4XGOZbNXK0ARF74q7z1rIPdn07oNcZhE8gX5JdT-ShwoIuvRRvON6hQnvkC7VcoQE8bIFAbdaYlVa5I3Lwo7oArHixEf61O1FFQWFDNA18YQ153yq9CyrD_wMHK36u4aKQ1GyJazVh0Pz9uXCDOgsGwktj3sFIG5mebt-RTHjkMjj5PkKJhQYpLl_kBpU_SyLWA4VptiubRkZQmpPzvABLeE65ScBOAEAZIFBAgEGAGSBQQIBRgEoAZdgAeU3PijAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMDsC9IIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTU3ODE1MzEyMDc1MDkyMzIY57Zt&sigh=Nu4kAS0Eb6A&uach_m=[UACH]&cid=CAQSPADq26N9cA3rlaB_87RUJ5z77VOHU6lpFsxYYA8J52tUat5GES7pPfahkIFf6485zgbXgcQfUTkMLkPwEhgBIBM
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 3329 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 19:33:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
9965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 19:33:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 3329 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 02:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
72201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 02:16:31 GMT
lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfu...
eu.sportradarserving.com/vimp/ Frame F9CD 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/vimp/lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfujNRNG3zKNrbfpwYPcf7FfT3fn7vopsjFfboV5Xa9n6GYA1eMn2EqVYG4vkiVjS-zUyxLqd3jLibUZHZx9_5nrQTe3yla8c_rUcK4sZpqdkj2864aMRrymiDn8l-rGW11cJasXMepR-qdhOF6KOS9fkDAlDWudgP9nyGftHEgHIRGa_y9rtU3ylZtECWxPmBX1nSfH6-5uvRgTbxPvJL4gTOMoKfE3LODYjkfDQX7cSKN0QtbsDn22ZlsXe8W4Fbaa1Mdiy8Rn12TDk5c1ZxKSAkIdP3eLyD6xkGGJa0wihsHI2NyHiz6ARm_bTK-jaxkQWpUA1QF2tTfQb1qTh1w90m7bPo_kl9maI5QaMX7aNIt45KIFq3pN8kVUk6RG2YPdYLuVWAM8cdlLPMG6jf1qmYjal3c77Eqe5rZ6L5ms1G0IOQCzwA3V0mW35o_uB_exF98hL7Xqy03XXAY_ECko3tWYPYlUwQiDGe3sKoOn9oMPkgRdV6FKOHSbYsJeHMjPSw5gs6koEEjXcNWQWaRTdyyhOzYMl50v7OCIspbTCtsqSUGf7Ad_tYOF9hRvTiAjsoJUoVMvHDuXfiqrf8GX8w5orR9q0BTuLONkRBF21ZznqpHBXVK6FgVfjI-V4YrjNo83ssBGTINo1M64h6Glst9pdZ7FHlnLK_Xcjt1Nh7dH5UWPz4N4SFfoHabd-sJNgt3KAxDgUd9cJsvF8k2LBLrHofrfIY0E2CQOpnt3nh84I808XcuK6nMS75raSNFBZVmXng4aixKRuG1USDQ7nxXzdQ4oqRWEmSjtm7rE0q1a_SdCCH5PftzKgdVAP0paprwpcDcAwCU8sRijntQjtfFCQIIOUZ1GzeQKqNouSAHnmn5TQUtFM7fhoAPt8WGJtPl8cQ-i4G8URpqQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.199.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-199-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 22:19:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 8FB9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubcjzaBM2VfchLXKPDHEKGrfl-mQUGaKdwKOeptaKsIoFJauxwxScZVNpRYaPdAP6CMkdhgFjpBdCFVjoobajxZFyGBY3A4YIKA9zA6EPFeOjewF7CLE80fxbFiJPHAcmmMEdVPw&sai=AMfl-YR6Wjj2yUoFnTZ4urYxKbcq2Xs1n3cLqxZSfCayiannNMi8TsC5j78tftRlVu45gjXzGDR0UUdZ7BspuZVuQI8Rxn4okp4LMAb3twssPjR6mdcm_okMtUkSei4HGqU&sig=Cg0ArKJSzBw3Qxvxiwp-EAE&cid=CAQSPADq26N9YxOzbrPAB1ZDaPEih4NRjBh8gpPEWhIdkomxE4dBl-3ZjSpzyCD70DE_vZyriejJ2LFT9ZNlgxgBIBM&id=lidar2&mcvt=1121&p=160,45,760,205&mtos=1121,1121,1121,1121,1121&tos=1121,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=395328340&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673216391218&rpt=634&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HFDaSHxyOExQdERYL0MzTXF5UlphdXZIL054YjVGZGxZM3VzbFNGRWZ3S3VPUytXbTU1cyt3T0NiYlhwOW5wV1U5eVo5c09ic29wOVl5VlB5ais2R1EyNUJQOE1SSFptTnJmOUFsVWRYQTgrUUhKbHgxTFFLZzJlV2RwdWNCaVJRU1BLSUdxay9jMlN1VXpqTFA5SFlNVmc4RjJTL0xsbFFIamNTV3Y5N2xGNGxaVWhBeHNjWE5VVHRrYVZ2QmJ5eFpVQmRyUER1dll1M1ZjUXJ2MTJCT1dMei9PRmx4Tzg1d2lzWERKL0M5OHhwNDBWVzJUVHVRVGJEOU4xRDcvMGx2S2cvfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 08 Jan 2023 22:19:52 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
676877
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
all
csm.eu.criteo.net/ Frame B043 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=jWmZUYbGWi0HUvyNQhnejpkGwvb5KqYh3eaCpydx5oMZ-S5Hzt7zs3-1xnBmpCAREEayiRX3V_d-vb7TdyMXAwhaZdQyg-8KOxPATqjERutm0CzQofS04I_-lfI-KupSM5e3t4xWZnxtiCleBU7nda0-Mct82Pba9JVSL-uY1GWyBf_rxyLtaPxzqwoE20kWPsoHk3vasOWQ5gvaEtoBKYOFMdz4On7tz2SRHeJ2Yq2TP157bAlgsLnHoPDNYcqqv68U-w&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7tBhgAMR2EH_ZDlAA-Y8vbv8EBPbjoGjXntsw&u=%7CMOAqiHhDpAY%2Be%2Bh5g5miCfnhKhKcSVKJmmFjy%2FlmwOM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sZPEusYW6ev58vZmHpdlZ3Q-I5jiT0SFBz66OEf9TTnc5SWcSP11f9q6OGD-3mBfym0Gobj0yWoITlF9w-HFnPECJdYaZR9Emk8ObjtLF0thDqaLgzKK40dQhIRk5CS4fNETIWMuX2E0KLJSu1Q7R0E29JhWSSlMe-Y0k78G6iVZoYovgZOHiADMUoQHTa9Vi4HoI2fDnJM6Fmp0y7uED6Ai7CwHXt3b2-eQd8zoSjDNtYunpyXGBRdfh2waaQP7Sdj9R3orYXUxBsQAkq83i0x6-teCxJLG2OXBQmngtSEpnpB1s85oSpqbxxzGJAKOhXIRYZmpXczRLHvCFIUP8d5uXQsEG39lro2JuRdonzX-Zx4G-PXKah-h5BCW2gWgM8WLis7RfTBA-A6qgkuGcsAfsWEmmJ496O_gS0t5KVyQhe7qy14G4n7HWNSiaWlHYM9oWHb2nmGgJU0Cun6ka2YHxgpOPmJ2orwdKmVLZXV_h1B4Cb_Q0XMMjOsotVqFGs6NdEAMihFtfyoiUyxFu3SheM2zzuCxD-vHv6wazNUtYmdg633M1RfDE_Rs-uyZ0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVmDLhkG7Y-GOMeWh9u8P8rG-sAnJntKxXNWdkfdwwI23ARABIABgldKegrAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAjyTRQTK27E-4AIAqAMBqgSVAk_QdUJVNgDBDdtuWY9zToh9kdT7njq68JwZ7SJUmbQzyxkHpS357HP6io6mJtEpBfEUsEozOwcJDeU8SfbpWnDq_yBlk8zLV3gSbeuEYY5OLvN_Yba-kJ4sbTG6wpnujfFUY05671L4f19tNebWNvVBQIq4WlceKFoenZ-_DSlMIvqtSdtlBKTZzwFEAJOhwDCECVLgbbO5THG7jW1EwMW8Wv9uphWpQnH058OPQOwcltWukzXSkFAbLzgecAAv7MdrhVJq22Zkazs6s0f2a_gIx4N7kEG8OYJu6cJxO0BNSr1Wz8H1R88rCWMButDZzmtfQw3jtxCcKzRucuv77mBhYY0zLfZ-YHJUYZ5rKCKkWv7akHfgBAGABou-jN3ArpPa2gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YB0GwmZV43-6wxNAE9eSsPwUzZg%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 08 Jan 2023 22:19:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
6f7f913d11d3acf7b5654e94f04088875bec8671ceda454939d44550c06985fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 853D 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
AN-X-Request-Uuid
8704f61d-1486-4769-ba21-f8328186b701
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
258.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8477ea76137ed135f4ede8b7302c862c7773e73aea58585a51e342c619b23c66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 08 Jan 2023 22:19:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
async_usersync
ib.adnxs.com/ Frame CD4A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
AN-X-Request-Uuid
15167c39-2f44-4c61-8a10-132a7b8037b0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FF1A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
AN-X-Request-Uuid
167bf7b0-a78f-4c16-a5ec-a49e2c8ea484
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F6D7 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
AN-X-Request-Uuid
bda4a787-ee59-4745-980c-e931806a6369
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8DDF 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
AN-X-Request-Uuid
30da370d-c3a1-4ca4-b9d8-7341a8d2a929
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7806 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
AN-X-Request-Uuid
b1a2586f-164d-4d80-9f15-b1be1991181a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3DCE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 09 Jan 2023 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3DCE 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 19:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
8808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 09 Jan 2023 19:53:05 GMT
async_usersync
ib.adnxs.com/ Frame F092 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:53 GMT
AN-X-Request-Uuid
4664274b-6160-4753-ac90-c778f00e10f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
l
www.google.com/ads/measurement/ Frame 3329 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTV1VKh7glJSZIhdQi_bU6yhk2pMAfVaWX6gelXw_sWqcDHE5BECoRXnLKqkquQvZdrnvJ8U2x4nR-clOuEAP2gbE1l7A
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3329 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 22:19:53 GMT
truncated
/ Frame 3329 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca25fbf015e76614b0929347de122fd0f7361bcbde687d44657027c2fc4f5f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3DCE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29068075dd38ffbcda6046934a1d64140c8822b1fa5e84d0c31bd7a4f0a6e1bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Content-Type
image/png
Staubsauger-min_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 3DCE 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Staubsauger-min_1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0175d5dc8547bd8c88dcde5c30989501e8cdf8198d5aed2e1174be7302c5ac97
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45422
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
Wascher-min-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 3DCE 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Wascher-min-min.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54513bce8858a826bd462343383985c6edfbea43269d206f1923e3f7f9f53c04
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58974
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
Laptop-min_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 3DCE 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Laptop-min_3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbdb949095dbbbd9191f9b2a846a9a5351ad32f6aae45a96ac2548623e826503
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24891
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
TV-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 3DCE 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/TV-min.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0ea1049a19b857a18d434d1dadaccf848784fe4d9a7218b1261e91a343139b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47755
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
Packpapier-min.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/ Frame 3DCE 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/Packpapier-min.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15621291058250383360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
120fd27087495fe58d4e9a22403aaf16970d830ebd8d42eec26632a8268fd75f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 05:00:05 GMT
x-content-type-options
nosniff
age
235188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145835
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 13:33:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 05:00:05 GMT
async_usersync
ib.adnxs.com/ Frame 853D 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:54 GMT
AN-X-Request-Uuid
3bd5494e-4c3b-480c-a697-ab01e737adef
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CD4A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:54 GMT
AN-X-Request-Uuid
84af836b-1988-47dd-92e8-91a69ca78a8a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FF1A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:54 GMT
AN-X-Request-Uuid
ad0fcbc1-31a7-4a4d-82bf-ed2a404f9a46
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F6D7 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:54 GMT
AN-X-Request-Uuid
4d6a6529-0a95-4f58-bccb-ff29dd6517bd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8DDF 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:54 GMT
AN-X-Request-Uuid
970b9acf-24d8-410c-a933-579c810b5a38
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7806 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:54 GMT
AN-X-Request-Uuid
ddc88265-4ef2-4a0d-9305-7dbff85cc956
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F092 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 22:19:54 GMT
AN-X-Request-Uuid
8b4801ed-b459-4509-abe2-9361e68dcc85
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3329 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLbL8mjrOFec78fPcW72jhPijOz_0pG4hN3q9YUXCxVAo-h9Sigms7hvQ5kadrCuBzN6FVCfF9X1xvlK8uTawseIXvEqRxi2KsxaK3B-w7K-aJcZvfoaHENHB0GDb8lDSS2O87Ng&sai=AMfl-YTPdiTc7jmgTCCvNWE-TtTwUGo55lM2F1aWX5cY2flLqjxCwEvA651m_OssvkclFyDJfD3b8iRzfOYGD9MVGRvbcF1W1rr2mBA-mSbn1bgabTgWm9J4jHutuF37DQ8&sig=Cg0ArKJSzIpXIHSCp0UrEAE&cid=CAQSPADq26N9cA3rlaB_87RUJ5z77VOHU6lpFsxYYA8J52tUat5GES7pPfahkIFf6485zgbXgcQfUTkMLkPwEhgBIBM&id=lidar2&mcvt=1033&p=1110,315,1200,1285&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3931764840&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673216392796&rpt=391&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
76ebd925976842d8870b8fbb3c8bae02_cpn_970x250_1.gif
static.criteo.net/design/dt/942/221223/ Frame B043 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/942/221223/76ebd925976842d8870b8fbb3c8bae02_cpn_970x250_1.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78f8e33aa2e615271beebc50e4ec060d39111f1c4d39042c7782127903fecf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 23 Dec 2022 13:09:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63a5a87c-81d2"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
33234
expires
Wed, 03 Jan 2024 22:19:55 GMT
page-data.json
www.file.io/page-data/developers/ 		0
651 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/error
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:22:37 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
HCT1MTPVS4BN96F1
x-amz-cf-pop
FRA56-P5
age
53839
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
cnIyE3LcKdhAZEXjpzVF0KnNXF+ylaNStDgQS0qJFuKPxRGSIFpP1+SDLPhlVGxNJMhLNgY1ZWw=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
Ba3RR995ah9Qg_VhxGHPUL1kPKH6vaciuiOB8ofnUHZRJVQLKX3jjA==
page-data.json
www.file.io/page-data/plans/ 		0
624 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/error
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:25:02 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
HCT2XKGV37F792NR
x-amz-cf-pop
FRA56-P5
age
53694
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
iRa10Sr9w6iIjCWQVDwCXgqoK8vsAz6nWeZLs8PEKJ0V5+CwExCulqr7ndzDqqDtDxKSDHUsbOg=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
g_4Oaqss5JpGucfgjHzhQQHeSrWT8w-der0nr9r--ki3vo_AcLMtcQ==
track
track1.aniview.com/ Frame 8BB2 		0
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=46651&t=1673216390&cip=138.199.38.133&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=fa4f9e35d536fe43d1f37e489584aa17&d63=fa4f9e35d536fe43d1f37e489584aa17&aafaid=&proto=https&uid=1673216390902-930099590237-006468-011-008621&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.71&cb=25994494405&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.38.133&cd18=50.11880&cd17=8.68430&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.232.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-232-73.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 08 Jan 2023 22:19:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
page-data.json
www.file.io/page-data/plans/ 		141 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:25:02 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
HCT2XKGV37F792NR
x-amz-cf-pop
FRA56-P5
age
53694
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
iRa10Sr9w6iIjCWQVDwCXgqoK8vsAz6nWeZLs8PEKJ0V5+CwExCulqr7ndzDqqDtDxKSDHUsbOg=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
yRnWiqDnZzcIEkA9VE6nm-f2rBsVMdhZRS3E37W0W9DhSNWDT8z6_g==
page-data.json
www.file.io/page-data/developers/ 		163 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:22:37 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-request-id
HCT1MTPVS4BN96F1
x-amz-cf-pop
FRA56-P5
age
53839
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
cnIyE3LcKdhAZEXjpzVF0KnNXF+ylaNStDgQS0qJFuKPxRGSIFpP1+SDLPhlVGxNJMhLNgY1ZWw=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
CZWdzWZDCXOGNZEKHTibdTzmEdXBTShtgLRM1lCy8M-ycDxZ7UBFNA==
component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
www.file.io/ 		0
170 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:53:06 GMT
content-encoding
br
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
JCTWPZSQJX1K5RAN
x-amz-cf-pop
FRA56-P5
etag
W/"80a59b6f64d0402abb9842573879e8fb"
age
2842010
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
WFUjGlxAwvuxetlORb0X7J_DX0T9_fXpL-xR9QvDRdWn-kjaSHiCKw==
x-amz-id-2
Pm4OP/hm1S3iDHajE3imPOctGoJQGyqeEuQdRdLVG+V5yPqA1znkmqu/gloLJWodMXNlR2hBIQ4=
component---src-pages-plans-index-js-4d7d70651af058699199.js
www.file.io/ 		0
937 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-plans-index-js-4d7d70651af058699199.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/error
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 07:05:45 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:42 GMT
server
AmazonS3
x-amz-request-id
MDNZ78PAKYGN2GDM
x-amz-cf-pop
FRA56-P5
etag
"66b96715a5faba1158fa14385302dc0f"
age
141250
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
473
x-amz-id-2
aNRIPmIacfykqz2eIP9irJ40cLCc0hfGPItPqYJcS9tjpAXOtQYFems2MoLFO1aoRuuZgIdEDNQ=
x-amz-cf-id
8L5Ef7tzVZ7EDSjmcXUxWiULR6Yf2Iqr7UYwrz0SzstZ3tST1Yo_TA==
publishertag.prebid.123.js
static.criteo.net/js/ld/ Frame 8BB2 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: www.file.io
URL: https://www.file.io/y9ow/download/B6DsLalNndDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Jan 2023 22:19:58 GMT
syncframe
gum.criteo.com/ Frame A2F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 22:19:58 GMT
server
Kestrel
server-processing-duration-in-ticks
1012158
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:19:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Jan 2023 22:19:58 GMT
sid
mug.criteo.com/ Frame A2F6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=file.io&sn=ChromeSyncframe&so=3&topUrl=www.file.io&bundle=N7e-HF9OZzRmZk5DUjBOYUpCRnc4dFROYkhRREE4TUEyQVlzOXl1cG5YRWtLdmprJTJCWmNtQkhMOEcw...
  • https://mug.criteo.com/sid?cpp=UGLAF3xaeUtZQ0tCS2gwSExUU3htMGt3TUNGMGpWa2V2QTdqUSs5Zk1meGtHMVl0ZG85MG1KelA0L0lha0h2QWlVTXh1Zjg3cGhteEV1ZEY5RHdSVENGWlBUNEZZVHdaSDIyNTB1aWwyWEtQaFdUM3ZSajJwNnZLU0lHMk...
423 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UGLAF3xaeUtZQ0tCS2gwSExUU3htMGt3TUNGMGpWa2V2QTdqUSs5Zk1meGtHMVl0ZG85MG1KelA0L0lha0h2QWlVTXh1Zjg3cGhteEV1ZEY5RHdSVENGWlBUNEZZVHdaSDIyNTB1aWwyWEtQaFdUM3ZSajJwNnZLU0lHMkRwSGJQSkVEeFBGVXIvNjZHWDlpV3dZdjdhRDIzUlFCMzFKYi9BR1ZjSDFYdGxqQXAvOWNGZEo0VE1Ob0gzWVBiUm1HUi8wVS9tL0djUW9BZkt5Mi96Vm8xYVpveDZYS3pSNDFWY1hBRVVIdkRxY2UycXh4YTkrVWdYYzNnMkdaNEtGNzFKbVQ1NWpFK1poT3c5cU14WnpYa3RSaWlwaktZeGtBY2lmM3R5QUV2T0hRVzVQMD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b31f6dd664273b5c083fe8de6f51abe488fae4b2958a3471e03c8cb249d8b3a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2552079
expires
0

Redirect headers

pragma
no-cache
date
Sun, 08 Jan 2023 22:19:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=UGLAF3xaeUtZQ0tCS2gwSExUU3htMGt3TUNGMGpWa2V2QTdqUSs5Zk1meGtHMVl0ZG85MG1KelA0L0lha0h2QWlVTXh1Zjg3cGhteEV1ZEY5RHdSVENGWlBUNEZZVHdaSDIyNTB1aWwyWEtQaFdUM3ZSajJwNnZLU0lHMkRwSGJQSkVEeFBGVXIvNjZHWDlpV3dZdjdhRDIzUlFCMzFKYi9BR1ZjSDFYdGxqQXAvOWNGZEo0VE1Ob0gzWVBiUm1HUi8wVS9tL0djUW9BZkt5Mi96Vm8xYVpveDZYS3pSNDFWY1hBRVVIdkRxY2UycXh4YTkrVWdYYzNnMkdaNEtGNzFKbVQ1NWpFK1poT3c5cU14WnpYa3RSaWlwaktZeGtBY2lmM3R5QUV2T0hRVzVQMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
651719
content-length
0
expires
0
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=ctpl&cppt=10.107396&cb=1673216400764
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.237.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-237-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.46 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 22:20:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| oncontentvisibilityautostatechange object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| __VM function| ym string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| Ya object| yaCounter90916604 number| gatsby_scroll_offset number| gatsby_scroll_duration object| __vm_add object| xl8_config object| googletag function| nmc function| sendToNielsen object| ggeac object| google_js_reporting_queue object| aniviewRenderer object| sas object| apntag object| _ADAGIO object| __vm_remove_category object| __vm_remove undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| aniplayerPos object| com function| _avcp object| storageAni object| GoogleGcLKhOms object| xl8img object| VM_API object| freewheelssp_cache number| _tlTagsPending object| google_image_requests object| criteo_syncframe_state

86 Cookies

Domain/Path Name / Value
.file.io/ Name: _ga
Value: GA1.2.807635971.1673216389
.file.io/ Name: _gid
Value: GA1.2.728590161.1673216389
.file.io/ Name: _ym_uid
Value: 1673216389688071306
.file.io/ Name: _ym_d
Value: 1673216389
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2219383426fake
.file.io/ Name: _gat
Value: 1
.file.io/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4273886300fake
mc.yandex.com/ Name: yabs-sid
Value: 1594859111673216389
.yandex.com/ Name: i
Value: 4Zp4ouf/N5brWNlIa6GFTY/AYkuqbr/mUQ1hWTceW1i2q5Qmfn0LAaFWfHRLmBuIRcEFevqeCrnXUOYRLsvG6+MKRYQ=
.yandex.com/ Name: yandexuid
Value: 2893811411673216389
.yandex.com/ Name: yuidss
Value: 2893811411673216389
.yandex.com/ Name: ymex
Value: 1704752389.yc.1673216389#1704752389.yrts.1673216389#1704752389.yrtsi.1673216389
www.file.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: uuid2
Value: 4709937452655253906
.file.io/ Name: __gads
Value: ID=b5e2840fb85cbdef:T=1673216389:S=ALNI_Ma5uX_fO4gjVgVbAvqCj8Qv5GvkWA
.file.io/ Name: __gpi
Value: UID=00000b9fd994ff8a:T=1673216389:RT=1673216389:S=ALNI_MZHGwcrD7Vr4_bEaBu9JSojaP7rCQ
.go.sonobi.com/ Name: __uis
Value: 396d5892-a768-4340-883a-2bb90138b14c
.go.sonobi.com/ Name: _usd_file.io
Value: a24bd912-c608-4122-a1e2-b7cc0b7b18cb
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_yh
Value: 1
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.go.sonobi.com/ Name: HAPLB3A
Value: s359|Y7tBi
.exelator.com/ Name: EE
Value: "20cc4519e252b2acf739a669f4451399"
.aniview.com/ Name: aniC
Value:
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHIIDnZxNTQMtXI1CjJKDE5zdzYMtHMzDLNBChqbGm5uCy1aMHS0uLUlKRDSypySnKaVpfFhzrGuzn6evpELnPOKMrPTV0BFgpzDVpsaGC5JL8oM32Ri%252BviopQ0hkUlxaeCD53cAwB4QCpX"
.doubleclick.net/ Name: IDE
Value: AHWqTUnErGwzjMZxJnrE_xmH9D0EqMWoJ1s52Qj2lhIFO8o8Ai8oijBq4pb3hTL3eBY
.csync.loopme.me/ Name: viewer_token
Value: 9f62bbb6-25eb-4850-b475-0c03c7f32965
.ads.stickyadstv.com/ Name: UID
Value: b1014b44d513bcae9c0d9ff4d97d5db
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.rubiconproject.com/ Name: khaos
Value: LCNXU68Y-14-JTJN
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqf7pFasO6NrTWcmjUiJPF79lHqAw7DhXmPwRqZp4nVgvrE8rE6QZLoM5lQcvoTvdzNpGeyS5O/ttAPlTu0R9RN
.adx.opera.com/ Name: UID
Value: OPU7cd7886e65e14167b45557b02bbc2387
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.file.io/ Name: _pubcid
Value: c82e6037-838b-4010-a6e9-4f0b5942448d
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ecc194e402004da6
.twitter.com/ Name: personalization_id
Value: "v1_6hnoZuNjci7z2tCZxLis4g=="
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.spotxchange.com/ Name: audience
Value: 91ff1292-8fa2-11ed-a123-13b80d860006
.quantserve.com/ Name: d
Value: EDABCQGAKIEA
.quantserve.com/ Name: mc
Value: 63bb4187-8f1e2-8da10-56049
.mathtag.com/ Name: uuid
Value: ca8163bb-4188-4a00-a79c-5c36fafc315a
.mathtag.com/ Name: mt_mop
Value: 4:1673216392
.sportradarserving.com/ Name: c
Value: 1673216391
.sportradarserving.com/ Name: zuuid_lu
Value: 1673216391
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1673216391
.sportradarserving.com/ Name: zuuid
Value: 048d9273-b562-418d-9290-5ef91e816680
.sportradarserving.com/ Name: pvc2
Value: lT7qKhIOVm91I1YK25zt82YKP6ceh4P0q-hEkPe7-QgdB9uI1KDZtEl4nXZR1PwbEiYiyO1nb7SdzUjjrKupVNw0FQntMP6SuBr6dQs5DdhgydlsYsFsrZL4mPpU8jZQTmTk4ZGVMkv6AhndljbVCObY3kPi_37EheaVCvdxUwpOpVJ954lCnosCmXV9sSSX7BXfujNRNG3zKNrbfpwYPcf7FfT3fn7vopsjFfboV5Xa9n6GYA1eMn2EqVYG4vkiVjS-zUyxLqd3jLibUZHZx9_5nrQTe3yla8c_rUcK4sZpqdkj2864aMRrymiDn8l-rGW11cJasXMepR-qdhOF6KOS9fkDAlDWudgP9nyGftHEgHIRGa_y9rtU3ylZtECWxPmBX1nSfH6-5uvRgTbxPvJL4gTOMoKfE3LODYjkfDQX7cSKN0QtbsDn22ZlsXe8W4Fbaa1Mdiy8Rn12TDk5c1ZxKSAkIdP3eLyD6xkGGJa0wihsHI2NyHiz6ARm_bTK-jaxkQWpUA1QF2tTfQb1qTh1w90m7bPo_kl9maI5QaMX7aNIt45KIFq3pN8kVUk6RG2YPdYLuVWAM8cdlLPMG6jf1qmYjal3c77Eqe5rZ6L5ms1G0IOQCzwA3V0mW35o_uB_exF98hL7Xqy03XXAY_ECko3tWYPYlUwQiDGe3sKoOn9oMPkgRdV6FKOHSbYsJeHMjPSw5gs6koEEjXcNWQWaRTdyyhOzYMl50v7OCIspbTCtsqSUGf7Ad_tYOF9hRvTiAjsoJUoVMvHDuXfiqrf8GX8w5orR9q0BTuLONkRBF21ZznqpHBXVK6FgVfjI-V4YrjNo83ssBGTINo1M64h6Glst9pdZ7FHlnLK_Xcjt1Nh7dH5UWPz4N4SFfoHabd-sJNgt3KAxDgUd9cJsvF8k2LBLrHofrfIY0E2CQOpnt3nh84I808XcuK6nMS75raSNFBZVmXng4aixKRuG1USDQ7nxXzdQ4oqRWEmSjtm7rE0q1a_SdCCH5PftzKgdVAP0paprwpcDcAwCU8sRijntQjtfFCQIIOUZ1GzeQKqNouSAHnmn5TQUtFM7fhoAPt8WGJtPl8cQ-i4G8URpqQ,DwJgOyrKUSc9prRwc89dAw,CmmkSDAxBK-38qK9Szq-Yg,niFepJCjdKM95kh8EVD_Pg,CmmkSDAxBK-38qK9Szq-Yg,rLJ2qYbsMBSmCClB0f-xtQ,CmmkSDAxBK-38qK9Szq-Yg,EQWruOmqRhlVXWwAl3AA4A,CmmkSDAxBK-38qK9Szq-Yg,n5ENMtPnaUNauHAOR0tG2Q,CmmkSDAxBK-38qK9Szq-Yg,9O-2738D36FOXdiX0wjzMQ,CmmkSDAxBK-38qK9Szq-Yg,NZQ26PTCWeVQHyKoC9PCYw,CmmkSDAxBK-38qK9Szq-Yg,z3nCnOmQ42TNpAEFBQAhJA,CmmkSDAxBK-38qK9Szq-Yg,pnTqLSYLYH1fOvtWoVozBg,CmmkSDAxBK-38qK9Szq-Yg,8Xw1dLAt61U54fr5UAiCzA,CmmkSDAxBK-38qK9Szq-Yg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yahoo.com/ Name: A3
Value: d=AQABBIdBu2MCEKtHQfh75txZWx8dNYTtuAUFEgEBAQGTvGPFYwAAAAAA_eMAAA&S=AQAAAt8D9EFTxJHCWtPyZHEbAJs
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&77934b60-a3a8-417a-8081-eb406ea7e087"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzMyMTYzOTE7MjswMjEmFuOz4wsaNZ+zGRZkH3KqCPnIl86nJ94CUXdMj9MPWw==
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2564:u=1:x=1:i=1673216391:t=1673302791:v=2:sig=AQHDf5y21jHX89e14Tt2N2av1VI_1euk"
.tribalfusion.com/ Name: ANON_ID
Value: aonseFq0I1e9yNy6Qw6T1GbZdF5NQ8UcYOmHqYXnTLuTafaRa7wv34ZcBkTdHqdRq7ypBiriQ3QMYgJCPki6M0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 5_1673216389_1673216392
.adnxs.com/ Name: icu
Value: ChkInZeIARAKGAUgBSgFMIiD7Z0GOAVABUgFEIiD7Z0GGAQ.
.amazon-adsystem.com/ Name: ad-id
Value: A3xwjoJSlUajiMg-36ceSN0
.c.appier.net/ Name: _auid
Value: n_yhuZfSA26k4myMiEG7Yw
.c.appier.net/ Name: _gu
Value: CAESEO9fkx6cLDJYA9dMBKweBC8
.fwmrm.net/ Name: _uid
Value: "l2703_7186409682771570967"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: l2703_7186409682771570967
.ads.stickyadstv.com/ Name: MRM_UID
Value: l2703_7186409682771570967
www.file.io/ Name: _lr_retry_request
Value: true
www.file.io/ Name: _lr_env_src_ats
Value: false
.bidswitch.net/ Name: tuuid
Value: dd559210-d150-4357-aa82-bb816a971c38
.bidswitch.net/ Name: c
Value: 1673216392
.bidswitch.net/ Name: tuuid_lu
Value: 1673216392
.analytics.yahoo.com/ Name: IDSYNC
Value: 1991~29ba
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3NjM3NDIyNBXiM9QNMTF3dwzUNUwvNfYBAJdELeUlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3NjM3NDIyNBXiM9QNMTF3dwzUNUwvNfYBAJdELeUlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZm5sZGhmbGlkaWIIAFZvGwcQAAAA
.file.io/ Name: cto_bidid
Value: _9TaUl9UdU1FbDA4N0w3YU5NTm94R0o2MEJwdkFKdksyU0JIMVR6VGMlMkZ2VWppMnJoT2R0WDV6UXRvUzVBSEJ0V1Q4RDglMkJLRjZ1Nk5PcWZIZ2JHRSUyQmRndlNwQSUzRCUzRA
.go.sonobi.com/ Name: HAPLB8S
Value: s85112|Y7tBj
.criteo.com/ Name: uid
Value: 724f99d3-0114-4806-919c-ea2f903a834f
.file.io/ Name: cto_bundle
Value: 3Cl2FV9OZzRmZk5DUjBOYUpCRnc4dFROYkhXYjUzNGhHazYxYXdsblBHV1c5OHdVNmM3amRZZWxySG5rd3lub1V3R25oeXVjYURvNXBCaTBNQU90SXFCZ2lZMndDVWhVQUVKZXh0Q0VaaUJrWmQxVHRseSUyRmRtYXFuSW5BUkhERnNVeGtQWXdGJTJGZ3ZrdSUyQmVWMGFNREIlMkZxQWtLdyUzRCUzRA

9 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9877.W32v64kH74yVzvOFiSgDEQO57EjRUdS-dGa6qLAy7yNQY-JjI0e9or6Ym1wwLkxVEH_uJxv4IjTHDWJFpOHBnzPsk9mAUz5DoGoAjNX7mBE%2C.GOFV5XTR3jBUUztD6xVsZCChw4w%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://file.io/B6DsLalNndDE/metadata
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1673216390902-930099590237-006468-011-008621%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15621291058250383360/index.html".
network error URL: https://sync.aniview.com/cookiesyncendpoint?auid=1673216390902-930099590237-006468-011-008621&biddername=56&pid=5f2063121d82c82557194737&key=9f62bbb6-25eb-4850-b475-0c03c7f32965&gdpr_consent=null&gdpr=1
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15621291058250383360/index.html".
javascript error URL: https://www.file.io/error
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.file.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.c.appier.net
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c2shb.ssp.yahoo.com
cat.nl.eu.criteo.com
cc450234fe9285f8163944b421052415.safeframe.googlesyndication.com
cdn.exelator.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
content1.avplayer.com
creatives.sportradarserving.com
cs.emxdgt.com
csm.eu.criteo.net
csync.loopme.me
d1oykxszdrgjgl.cloudfront.net
dclk-match.dotomi.com
dsp.adkernel.com
eb2.3lift.com
eu.sportradarserving.com
eus.rubiconproject.com
feed.avplayer.com
file.io
go1.aniview.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
lexicon.33across.com
load.exelator.com
loadm.exelator.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mug.criteo.com
mydmp.exelator.com
onetag-sys.com
onsite-tag-logs.apps.nielsen.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
px.ads.linkedin.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.aniview.com
sync.go.sonobi.com
sync.mathtag.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
targeting.unrulymedia.com
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
track1.aniview.com
track1.avplayer.com
u.openx.net
ups.analytics.yahoo.com
web.ssp.yahoo.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
104.109.78.125
104.111.217.42
104.244.42.67
107.23.246.142
13.32.27.89
132.226.63.138
142.250.186.34
147.75.85.234
151.139.128.10
162.19.138.119
162.19.138.120
172.104.45.159
174.137.133.49
178.250.2.146
178.250.2.148
178.32.210.227
18.134.84.15
18.156.0.31
18.232.237.173
18.66.112.123
185.255.84.151
185.29.132.241
185.64.190.77
185.86.139.104
185.89.210.180
185.94.180.124
193.0.160.128
198.148.27.139
198.47.127.19
2.23.97.10
2001:4860:4802:38::178
209.54.182.161
213.19.147.42
213.19.147.45
216.52.2.19
23.203.124.180
23.35.236.201
2600:1901:0:8344::
2600:9000:211a:ae00:0:1651:6140:21
2606:4700:10::6816:545
2606:4700:10::ac43:2483
2606:4700:20::681a:346
2606:4700:20::681a:8a9
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a00:1450:400d:80c::2002
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::21
2a02:2638::c
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:c::5c7b:6837
2a02:26f0:dc::6853:4bb
2a02:26f0:f700:4::212:4f15
2a02:6b8::1:119
2a02:fa8:8806:13::1370
2a05:d018:d29:3602:f84d:3d72:727e:650c
3.123.244.55
3.124.199.76
3.124.23.197
3.225.232.73
3.71.169.66
34.240.26.227
34.95.69.49
35.157.246.167
35.158.19.152
35.214.223.115
35.244.159.8
51.75.86.98
52.0.141.180
52.202.176.118
52.223.40.198
52.50.247.181
52.58.228.255
52.95.126.138
54.196.150.187
54.78.254.47
65.9.66.104
69.16.175.10
69.166.1.12
69.173.144.138
69.173.144.139
69.173.151.100
72.34.250.78
76.223.111.18
82.145.213.8
96.16.141.156
0175d5dc8547bd8c88dcde5c30989501e8cdf8198d5aed2e1174be7302c5ac97
01ed26aad31409ebd76f923ccf34de21ad90a21a9ee73e3e3ed5dce764debfb7
038e7a798a735ef7d9c944b2ca0ccc27dd406d6a03deba3ad68cfb2fb6f767f1
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
0650765f752c3ac52e57509c9b4fd97c2a1f00318a39ff656244877aba5b9bc8
069ac261a5bec6cac5978302a18ae038b0e052511723603810566a6d5213a6b6
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08fd1f3537ae07d0a24445ce6cfaa98400998c14e7a1a23465071d79af85d4ce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a9a4d1079d056e620a45666110f2250ad1325a9a54dcda074d51b964e30eec3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4e159f37b9cc419bc03067a03a9be0aa005df6aecb85414f0d9fde1b438946
120fd27087495fe58d4e9a22403aaf16970d830ebd8d42eec26632a8268fd75f
12caeebe79c2e98bb652bbb19175cdca24f33507d056b442614a5e2e2ef65677
13a1e876bf6480dd55337e6a5b68920247d48c7d60309d43f77a16980f4498df
1524b8dcdc09aac2e16e894c6c9bfc102b7fb0c47d9250e05eebcf79335e8fa2
153138da6d28e58de2cbd7b1f60fe758aa83ab73100a9ec6622448f5a48c03b1
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1ab1a72b4a985ad8ef0916f4e0cdbff9f6513565ddf133c238ef989dac7f9b20
1f11eba7f0f5d650cf1b17accd01feca8f5a7d7fad633f793f5360d65e03ed9e
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
232363d3a721ad9d32241a247a74bc910f56f7e8de0d628e1b3fab5b131e96f9
25513f02ff709aa1896f50a040b3157489a1cc8d30913751dd9f41024a28092b
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
28094e188a2484c704e80f8445a56fb8f166ed671439d48fa6638b35a4fb6e85
28d52e5f4399d21e5870c1aba17803b0648d22bebd5034282891f20e549f9f99
29068075dd38ffbcda6046934a1d64140c8822b1fa5e84d0c31bd7a4f0a6e1bd
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2d4318673557e90ac7ec4ebe69b37a3cf349205042d9024f2cf336c8c1a84e92
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2ff53cb32ce4b8b958609f0e764f5097c5b5f964bca6c35a6afa21ad6ed51b67
311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d6a2340eead2575906fcd05e04f4bc3682f02f64b3b32351f9b1211185c859
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
3467f40e63c6437cfa332c8e1a373937497f990240882bb38982e95132a67b8d
3c71fbc2708dd2077ace7f0718c708693494668bb3a84cfaf2292a7e27e296d9
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3daeb56d733521af5ae739faf4ca496ba714db70e736442e160906eba5c8712b
3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405f0df45165485cc091a4dc22cd21b419d57b2724ed46f3b874ced110fe5662
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
43fddf95be99e5763c1635fc2f9484d287c189aeec55986ad39d5880df7fb8ee
44e5a3fb0ff585db5b61c70b6ad6153a057555268d6177896b6ea8b26e334768
45ee5308145d13cc0880c3adb8beda01496af15b80e2a956caf1e94980908aab
46765852ce92bd45e5a190dcef398efcd9833c18eb51dfa5b87b6d8104e19bc2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a6a5825ba732b03fb7c6442d160e8dc58e548a0ddeb920aee35cceb6e19b4dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea4aac0ea23d8a2f161d7a2cdb85b1273fcc7e76f405a55a1e4fc6eb8faac0d
4ed318fdec1c3de124404af6921ef8c820a3ffbba9756fd1900b80a8ccdf5c1b
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5119a9c5ed6ef7293c4158e492c42037d65a3ace653adce8ef9ee44d3ad3f1bd
5184df0d9b24807d5e6ad6f15d9295ccdecc44425e70e3ed0087d3f584543254
5381bd9b9e0774fc2d064c9449cdcbe210fd9afe572ef691a467d3e45168b791
54513bce8858a826bd462343383985c6edfbea43269d206f1923e3f7f9f53c04
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe
575c98ec8fe9ba7a1d743089ff82c15d72a4f5b2942e6bd41ee9e67952fecb79
58036583115dcc1204a5f789df13aa0caa52b78c59babc3482f862574267aea4
59b1ac5c2ceda4e20be81085c76502f91d010241dc4d7a7195056091b5e14ea6
5ae5389d8152f0bca655b4b46510e3813de22058bccef2eb79d13cab10a2b27c
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3
5e294119b0e22fffe6a7a75b2d193cd5839bdd1d21fd73e041dd9e8ef515de95
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fda1c945cc9d2d51b390cc0f12ed854ddd367d4490082ab9ebdb0064ab79f81
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
632c03898b7bb1e76b161befb7c87a918b5b708fb63faf8c0960cdbad9c9b8f8
65f49c7266b784a90a83c26915d751bc966ab715c49c5a1abe5be9999bdb6789
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ddaa277f2b802397fb1a8ec644eb8d771491f29fdc0e4f0d04a544dc8e8f321
6f7f913d11d3acf7b5654e94f04088875bec8671ceda454939d44550c06985fc
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73d4bd9f3e11ebafa8b9a5b4ad05c84a8a92e2301dc6b7785592c8f80e63bcb0
785224ce6a4947cca80b215623d42295f2c137cff714e238819c8e22c35a37d6
78f8e33aa2e615271beebc50e4ec060d39111f1c4d39042c7782127903fecf3e
7d51137511c645ae3650768d8e49f22612fb2563dbcdb172de8f6f836cc33b9b
7fff6da4e3109713aef26e8d366acca9e4a4fdb06a26351ad734a83b51026681
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8477ea76137ed135f4ede8b7302c862c7773e73aea58585a51e342c619b23c66
85aa70828130672094e1d2cb75bfc4739f49200c147c41be0d9640367362c414
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9379d65f20e0e45715fbcd8aa0ecc4667224bca59a46d5b725579e861a56b441
93a8a44cca820f9a7aa320974a3b8026218839c9829e86d4cff4eaa3b645a45c
94e8e8faf9bae6fdcdb16b729acef0104b2e5d9c921d434488a49d4bc5927d02
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98749e5b6b8df4b09ee457f1a7d48d709e40be84fa45ded4f1cbcb0859f4a2f0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884
9e5db31947ebff8c8fa554cf1296007e8ae36370faac506d2fd6f1db40706b8e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10b84babd06c1f4f61fcee6c4986f2bb073a1eb40ffa49a628cba323f229090
a18f2d88d49d75b93dc5c82afcac0e9956d7782d558d8eb974763494824305d2
a19504a816ccd4b9951187cfb9e077c2dde9ac68b8a61617439e407008a499b6
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a
a463abc2c7038e529f7016a46075d19dd43474b3f4fa5cf00c2c422829b32948
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa
a6232601ee6ce1b8c152a7cc91d87d754d1e6e4050d4bbe81cddd77864af9e2c
a6ac622d38ff7386ff10f9d4fdf98898e1c1b08963329333177455579c8e0acc
a714a7e710cefcad42fcce67a08513eb8d19126a61d4ee10c3fb62a871b34fa8
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
a850fb3e0e81fa07cb2a4f53063157759050ce78a88a8ce56dc8fb1ff116fe6c
aa92025db7d6e619e6251e77dd26f5266bd18bdb3cd110b06b4ac6250762dc92
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c
ac5f937f4e780eeef3331ea8ec5714a01191d8719f82fc81551d393f0e955020
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adb2e9e059ded06e4d90112e3e0e740d59b3f76c3663f35f95062dceb12f4e12
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00de2b3705fb73910293f7ab518696f62a6dcde9b495e013579dae1de5bcd12
b2e12a86226fc0e27317e478f99340cab7a74240dd75db4535bc2cee8029f036
b31f6dd664273b5c083fe8de6f51abe488fae4b2958a3471e03c8cb249d8b3a1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49fc4be53267fd4964c63af23753a0ed9880144458d317a6457999ad086b0b2
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c1e44be0ab6ae787ba90277ff7f578d1a351cbcaad4ee262c667b963a2d7bb3f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4f6ceb73904b1fbff681f4f6636a7e8440f436a1dd6c428428b0431a54b64a2
c594639f9b5d12f1761b7c5170b64435db1cca4af52e350b844771c5faa5ef71
c5a8d1a618b46e19cbaa516a72471c7957149cbf5eb558aca666dbdc1bd6b950
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca25fbf015e76614b0929347de122fd0f7361bcbde687d44657027c2fc4f5f41
cc02474483461eeddcec8934b479585923c1f29a4837bdccd7fdb74b823388ea
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d24f66c7f0655cd06636a64eff59ddf8bfe30701ca9c6cda5d4b19415ec4c8a8
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d30d2c565bf5a7c183be7055573eb2fa29b73426b924f21018aef4f320eb7974
d7951cc3119f12678be6a87060a9711489490dc8b3a14c202af3f61fc592a4dd
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d7e26a4f0302e318a7f962a0a660746f0828d94fdfa9c5b848e8a498d1e0b9a6
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
db0ea1049a19b857a18d434d1dadaccf848784fe4d9a7218b1261e91a343139b
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e0b10948c8f8424409e72354023bb956d7a6d000840271dae5bcc642c73906d3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e18cb430d37779613b30d164a96b6f76a1a2d58887a732f1fd7df440805cf2ba
e1acdbb2be0e53f823be920e3d1c3a6b22c1956e100f5b792a5077131f52a017
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb55814b5480b2e3473538bcc8b5fad2b3490e6c415f4408c100386be998d314
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f69f8a4977d80cb78465604b1e8e2bc251a2b700315fc88185ea8f2ca487c2ec
f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9
f6e71eeef1e40c63b69666f9d805758869d464935777c2e56ee6f90ee3b8b1fb
f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce
f7b7b3564951f4918896ad036986f09049f40deb96f6466da76b52ed2ddae04c
f901804eeaa85f61e6475ae089b19edc9a0fb3b721de4f5b8db402dd2f61f72d
fbdb949095dbbbd9191f9b2a846a9a5351ad32f6aae45a96ac2548623e826503
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fe54f611fd8bb72b3671c7819de874e00887842fa13411a3d3c5ca12e2df99fc
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48