www.file.io Open in urlscan Pro
108.139.243.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://file.io/DseDcCxBoGyr
Effective URL:
https://www.file.io/deleted
Submission: On February 03 via api (February 3rd 2023, 2:28:26 pm UTC) from US — Scanned from DE

Summary HTTP 306 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 73 IPs in 11 countries across 56 domains to perform 306 HTTP transactions. The main IP is 108.139.243.54, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io. The Cisco Umbrella rank of the primary domain is 931445.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 25th 2023. Valid for: a year.

This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.23.246.142 107.23.246.142	14618 (AMAZON-AES) (AMAZON-AES)
37	108.139.243.54 108.139.243.54	16509 (AMAZON-02) (AMAZON-02)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:2f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:204... 2600:9000:2045:4600:0:1651:6140:21	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
8	185.64.190.77 185.64.190.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	52.57.32.9 52.57.32.9	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1 4	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2 7	54.216.221.232 54.216.221.232	16509 (AMAZON-02) (AMAZON-02)
15	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
4	52.28.147.230 52.28.147.230	16509 (AMAZON-02) (AMAZON-02)
5	5.196.111.65 5.196.111.65	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
7	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6822	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
9	3.85.152.66 3.85.152.66	14618 (AMAZON-AES) (AMAZON-AES)
2	54.80.246.179 54.80.246.179	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	52.0.141.180 52.0.141.180	14618 (AMAZON-AES) (AMAZON-AES)
21	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 24	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	18.195.202.31 18.195.202.31	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
2 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3 3	23.203.124.21 23.203.124.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	124.146.215.50 124.146.215.50	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
4 4	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
4	52.44.202.238 52.44.202.238	14618 (AMAZON-AES) (AMAZON-AES)
2	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
3 7	2.16.186.10 2.16.186.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2603:c020:400... 2603:c020:400d:3000:bf17:cd18:9a23:846c	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	209.191.163.210 209.191.163.210	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	104.108.171.239 104.108.171.239	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.64.134.215 3.64.134.215	16509 (AMAZON-02) (AMAZON-02)
2 2	52.58.82.235 52.58.82.235	16509 (AMAZON-02) (AMAZON-02)
1 1	52.55.14.74 52.55.14.74	14618 (AMAZON-AES) (AMAZON-AES)
2 2	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
1	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
3	52.29.218.170 52.29.218.170	16509 (AMAZON-02) (AMAZON-02)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
2 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:25e4:d961:706:5b0e	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
4	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 1	3.69.181.161 3.69.181.161	16509 (AMAZON-02) (AMAZON-02)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
306	73

1 107.23.246.142 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-246-142.compute-1.amazonaws.com

file.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 108.139.243.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-54.mxp63.r.cloudfront.net

www.file.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2045:4600:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)

d1oykxszdrgjgl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.32.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-32-9.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.216.221.232 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-221-232.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.147.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-147-230.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.196.111.65 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6822 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.85.152.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-152-66.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.80.246.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-246-179.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.141.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-141-180.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.202.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-202-31.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.203.124.21 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-21.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.50 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (United Kingdom) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.44.202.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-202-238.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.10 (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.171.239 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-171-239.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.134.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-134-215.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.82.235 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-82-235.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.14.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-74.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.218.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-218-170.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.33.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:25e4:d961:706:5b0e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.181.161 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-161.eu-central-1.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	file.io 1 redirects file.io — Cisco Umbrella Rank: 360392 www.file.io — Cisco Umbrella Rank: 931445	995 KB
36	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	211 KB
28	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 csm.eu.criteo.net — Cisco Umbrella Rank: 7891 pix.eu.criteo.net — Cisco Umbrella Rank: 7989	298 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	95 KB
21	aniview.com tg1.aniview.com — Cisco Umbrella Rank: 8177 track1.aniview.com — Cisco Umbrella Rank: 1753 player.aniview.com — Cisco Umbrella Rank: 1783 go1.aniview.com — Cisco Umbrella Rank: 4770 sync.aniview.com — Cisco Umbrella Rank: 2167	271 KB
20	rubiconproject.com 7 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842 eus.rubiconproject.com — Cisco Umbrella Rank: 537 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4701 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 900 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1079 token.rubiconproject.com — Cisco Umbrella Rank: 548 pixel.rubiconproject.com — Cisco Umbrella Rank: 308	27 KB
20	yahoo.com 1 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1129 ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 web.ssp.yahoo.com — Cisco Umbrella Rank: 2704 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 816 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	4 KB
15	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450 ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 733	35 KB
13	criteo.com 1 redirects rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173 ads.eu.criteo.com — Cisco Umbrella Rank: 7817 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9566 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12826 gum.criteo.com — Cisco Umbrella Rank: 388 mug.criteo.com — Cisco Umbrella Rank: 2753	81 KB
12	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 203 acdn.adnxs.com — Cisco Umbrella Rank: 534	60 KB
7	stickyadstv.com 3 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 629	5 KB
7	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 10800 player.avplayer.com — Cisco Umbrella Rank: 8915 track1.avplayer.com — Cisco Umbrella Rank: 9553 content1.avplayer.com — Cisco Umbrella Rank: 12325	154 KB
7	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1538 ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	2 KB
7	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 650 match.360yield.com — Cisco Umbrella Rank: 2166	1 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9092	2 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902 s.amazon-adsystem.com — Cisco Umbrella Rank: 271	4 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 499 eb2.3lift.com — Cisco Umbrella Rank: 329	2 KB
6	yandex.ru 4 redirects mc.yandex.ru — Cisco Umbrella Rank: 3735 an.yandex.ru — Cisco Umbrella Rank: 3827	74 KB
5	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905 targeting.unrulymedia.com — Cisco Umbrella Rank: 744	891 B
5	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	2 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 389	2 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	1 KB
4	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 931	617 B
4	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 882	784 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 568	2 KB
3	media.net 3 redirects cs.media.net — Cisco Umbrella Rank: 1349	3 KB
3	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	145 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097	796 B
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 4579	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 693	2 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4461	746 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741	696 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2192	25 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1340	104 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 23236	320 KB
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1656	247 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3041	532 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4380	618 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 640	304 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 592
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1204
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 835	314 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 4426	233 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 813	498 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	860 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 23543	440 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 964	1021 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3472	526 B
1	cloudfront.net d1oykxszdrgjgl.cloudfront.net	43 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 912	943 B
1	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 30488	684 B
0	rlcdn.com Failed api.rlcdn.com Failed
306	56

	Domain	Requested by
37	www.file.io	www.file.io d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
24	cm.g.doubleclick.net	2 redirects 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com eus.rubiconproject.com
21	static.criteo.net	ads.eu.criteo.com
12	tpc.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	hb.vntsm.com d1oykxszdrgjgl.cloudfront.net www.file.io
10	pagead2.googlesyndication.com	hb.vntsm.com tpc.googlesyndication.com 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com www.file.io
9	track1.aniview.com	player.aniview.com
9	c2shb.ssp.yahoo.com	hb.vntsm.com
9	ib.adnxs.com	hb.vntsm.com acdn.adnxs.com
8	hbopenbid.pubmatic.com	hb.vntsm.com
7	ads.stickyadstv.com	3 redirects www.file.io hb.vntsm.com
7	mc.yandex.com	3 redirects
6	c2shb.pubgw.yahoo.com	hb.vntsm.com
6	ads.pubmatic.com	www.file.io d1oykxszdrgjgl.cloudfront.net
6	csm.eu.criteo.net	ads.eu.criteo.com
6	player.aniview.com	www.file.io
5	x.bidswitch.net	3 redirects
5	prg.smartadserver.com	hb.vntsm.com
5	ad.360yield.com	hb.vntsm.com
4	id5-sync.com	hb.vntsm.com
4	targeting.unrulymedia.com	hb.vntsm.com
4	match.adsrvr.org	eus.rubiconproject.com hb.vntsm.com
4	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
4	token.rubiconproject.com	4 redirects
4	eus.rubiconproject.com	www.file.io eus.rubiconproject.com
4	sync.aniview.com	www.file.io
4	eb2.3lift.com	2 redirects d1oykxszdrgjgl.cloudfront.net
4	www.google.com	d1oykxszdrgjgl.cloudfront.net 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
4	79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net
4	btlr.sharethrough.com	hb.vntsm.com
4	prebid.a-mo.net	1 redirects hb.vntsm.com
3	acdn.adnxs.com	d1oykxszdrgjgl.cloudfront.net
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	prebid-server.rubiconproject.com	hb.vntsm.com
3	optimized-by.rubiconproject.com	d1oykxszdrgjgl.cloudfront.net
3	web.ssp.yahoo.com	d1oykxszdrgjgl.cloudfront.net
3	an.yandex.ru	2 redirects
3	sync.1rx.io	3 redirects
3	c1.adform.net	3 redirects
3	cs.media.net	3 redirects
3	px.ads.linkedin.com	2 redirects eus.rubiconproject.com
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	www.googletagservices.com	79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
3	ads.eu.criteo.com	79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
3	content1.avplayer.com
3	mc.yandex.ru	2 redirects hb.vntsm.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	lb.eu-1-id5-sync.com	hb.vntsm.com
2	c.eu1.dyntrk.com	2 redirects
2	pm.w55c.net	2 redirects
2	ssbsync.smartadserver.com	www.file.io 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
2	match.360yield.com	2 redirects
2	pool.admedo.com	2 redirects
2	rtb.nl.eu.criteo.com	www.file.io
2	track1.avplayer.com
2	adservice.google.com	d1oykxszdrgjgl.cloudfront.net
2	adservice.google.de	d1oykxszdrgjgl.cloudfront.net
2	tlx.3lift.com	hb.vntsm.com
2	script.4dex.io	d1oykxszdrgjgl.cloudfront.net
2	i.clean.gg	hb.vntsm.com
2	www.google-analytics.com	www.file.io www.google-analytics.com
2	hb.vntsm.com	www.file.io hb.vntsm.com
1	lexicon.33across.com	hb.vntsm.com
1	1f2e7.v.fwmrm.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	pix.eu.criteo.net	ads.eu.criteo.com
1	fksnk.com	1 redirects
1	u.openx.net	www.file.io
1	secure-assets.rubiconproject.com	1 redirects
1	ups.analytics.yahoo.com	www.file.io
1	ap.lijit.com	www.file.io
1	sync.technoratimedia.com	www.file.io
1	csync.loopme.me	1 redirects
1	rtb2-useast.e-volution.ai	79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.go.sonobi.com	79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	ads.avads.net	1 redirects
1	tg.socdm.com	1 redirects
1	go1.aniview.com	hb.vntsm.com
1	rtb.fr.eu.criteo.com	www.file.io
1	player.avplayer.com	d1oykxszdrgjgl.cloudfront.net
1	feed.avplayer.com	hb.vntsm.com
1	tg1.aniview.com	d1oykxszdrgjgl.cloudfront.net
1	hb-api.omnitagjs.com	hb.vntsm.com
1	d1oykxszdrgjgl.cloudfront.net	hb.vntsm.com
1	ad-delivery.net	hb.vntsm.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	hb.vntsm.io	hb.vntsm.com
1	file.io	1 redirects
0	api.rlcdn.com Failed	hb.vntsm.com
306	95

This site contains links to these domains. Also see Links.

Domain
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com

Subject Issuer	Validity	Valid
*.file.io Amazon RSA 2048 M01	`2023-01-25` - `2024-02-23`	a year	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-01-28` - `2023-04-28`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.a-mo.net R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.aniview.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-14` - `2023-08-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
outstreamedia.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://www.file.io/deleted
Frame ID: 334BB5314122EF6A0B643809669F1059
Requests: 166 HTTP requests in this frame

Frame: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1CE3B1FEBB30E1D6303765C0CE85964A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34EB32622EDE49BD2BCFAC6D131F1B63
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA47BF106E87EFC22253F82956B758A7
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: A42B3CE6DF0D4A49856CCDC7ED422909
Requests: 7 HTTP requests in this frame

Frame: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9418A682DD04C70293E90CF1738FE82B
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAALscIu-H4AAwZ1JXKJXLc6OGaeRx_cg&u=%7CwGbAbjAltplE8ACHz2cbnDlT7DWQ8B98Q5NCnr2V3Gg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTMFRL-I4lOsZY7L7jSxM1rrwEXKhEWVcHBPNgFNXC0gpAWPgFBiD6h0S7dEZsfOeI-Y8vuJHZ-l6QQ5sQpOuWjc1IRtE0j_MDMd9acTVfdcWfOtuvms9x1B9z1gEZQct1wpMFCEBgo9KmaZMyMrz_c6FUeXOf1jZMTuMtbXBE8G7fttOdk8Hn5BrcHUHTcYqHXsEss49dL5flOtglY1DRDLkAV183vnrk-fs-wGDquSdHsvsEqqbMfFOSBzC21g16tFlblpbTcEmyvllOKkB0moQxdXFM_3v3cP2iSH6EdhpZgpHmUH_uL72kLHr2_n3GjYlFOgona8Fk3yZftB2siSJb8eDQsGOxxxyEAo8ZkuNYkVbJpbVxddNqhqAMERFMi8mAvd1-0dbEVHyLFyCn4UIELXPzJLpEzzlhbX0nM2KTJL2yuAmUczqw9x7bKd4PqhpNMrRQpjuL4xVCuGdNL_C1nLrBAUVL8VKKwB6m_L8mF34I6gw57v0VTtPJOvwj15pqhGzLJDU5_WAHCj8SYoAJpk2A-iEj83QOdnv9dn6I9L6v7G10A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcQfAhrdY8dd-MPv9Q_Us7CwDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTc4MTUzMTIwNzUwOTIzMsgBCakCDqjL0mBHsj7gAgCoAwGqBJYCT9CIUi2zR8dBs-nbw596L7DV9RomAgJC6hg0bhk0wGAKOasK9jYrMrseh5Ar9QZ3sFZZJomAb1douBgzS6yjOJWMPFDjLaihk5NZwBjB9V4YVYECpcXeQ3PbRVjqFArjyEddea886D9ddTp8xsnKnJhkc-bhalh3ExafvTjce6KBilc4SNryZoJAdT9sJX4L2zSBZ4u9uA_6UjWzZhcjx0ZLYaGvzODTISczXwSQgSRT2Oe0ZqYcj5dQ0nCM8pwxlLMMLO4tJ2iTe4y2GowuPpFf__HIa-TeveR-gPyN5eZCHuJM0IT2NFr66bs62T7GBaBz95EH26N09sqoqFRV68LT2IWXDqesEhIocDrlYSxzYr_rmWHgBAGABpr_i5Gg7I_vwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25gQfzC9YqSK8MbypbHPLrjn8rJQ%26client%3Dca-pub-5781531207509232%26adurl%3D
Frame ID: 47CF30BC35D2D31B7F25832DB709C1F5
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38CE5430E88A7BFE863D900D6AE8BBD7
Requests: 9 HTTP requests in this frame

Frame: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E72F7D33C0F0E939A093765ACEF79DA5
Requests: 10 HTTP requests in this frame

Frame: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E79FBBE3DDA7CE01FDEC4CB7F061B88E
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAD6DoH_Z4tAAu9x3gleV5kgnWXJAympg&u=%7CwGbAbjAltpl%2F9jx19NHvr42mjOoM9SVHhVIu%2BpIXiK8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTMFRL-I4lOsZY7L7jSxM1pQ2wA9Pf0Dtk6TQCdSSsfE-zKVBj36NnB8lFdUr7rWkN-V1ccNCRNlK-fGpLZSldZnlAXdyFWq4MjfienmgmMKkMmuJFKzIcAMTdTBTjaBlcu2OR1V_PYlKcQHxUa_wd0wzDe77ZuEqYnNr11QXnWf1SuKF7javHXlDTIIdUBcqU0KjUwT1UVixUBOkos_63zrXfTb28PJpBoTP8jc9qqoN1qxNhot6FKvVsAMVgfygquIfwhe4u_C1_ZkiDbMF01VWrPInSVT-SvkQIAo0Zw8OI8XRw1mM2AlZU_WCnqxjrC1J78mn2ci5A6G9Us8Ne13dpDxh9zLBL53sDDrG-91VubuYonzu6HC6HPOWMCVEYUOncWC4Ji4VblSOEBVmJhADiVa3ek2q7s1ueFhLiRpKNv1Bjb_1iIn7bpLT-ebiVx0rrSFLbixiVcfUQBo4_klr8ITRpHjRF3QV64jvBug9ulk0f9DPlY8UqPn5vDlma7af5Eu6kxckf4Xm_acVz55WpYDFqcwy6VRdr_d85IV8gZVuWnZS_E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1aMKAhrdY7rQD6289u8Px_uu-ALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAtSmKH7oSLI-4AIAqAMBqgSWAk_Qd9OZ0leYJr018LSV-TTJZcEqZ3CtD6GErBI56NLkOtlOaXVn2CO-sOGpkkEZeMPSClfOVHSU2nEWTVx8oiA7HF7DVrYg8ulTNpRMm9qIJLNDuklgYf0RpEsVBMgZkKbWJkdcoIQM8lj7_NOdX8og0mE5G-q_TH1IOP4ZyR69zVJvlCVI_ADFXcFkaCzUFU12dMFOhRY6dCx-LxDuE2OIdqo5cwJoxpYMYfqzHVNEesIcmfZqfpJAoFkxhIyTCH8GUdBvnHDzg58Twv7pqaF2IuadwXRKYKC_mIhwkm7r1ZKdFyDim-6hj9GApn5PYNaAKnT__jQas1SoJwm8tLuf0nOTFYbIq4BtMPRp-QlErMFzQCga4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ANJR96T92Oxg-xKqn1TsslpzQvQ%26client%3Dca-pub-5781531207509232%26adurl%3D
Frame ID: CE923C802A663BB4CE5BC177CED17B6C
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 130387170D67275CB6F12FC379D693B3
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAHdvkH_ZGFAAQ6qNqTR4_trqbD_tXtcA&u=%7CwGbAbjAltpl3BlqT1hI99pw9cXk%2B5a9nEQYFVLn%2FhEA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZzyYh2cWrQCA7ZKOeOhZTlbyWr7DbuiBJZhyD0YEWX41xrvKQsoQe7Lm29CHiRj3EMuW81RAQbj61leBuwMTqrQGXEMSupvHKgMlCI-kZ7b_DhpoEwOHliXBbMMwomiCFIruXCrMi8ZbZ5qyqUZklB7Ay1mB4Gjgx7JJBBoWUDbbJz9qQeuqX_opW28MqHe-81InUoTPcwJT0wKOBpj4kZeUWEsqycBEUiAO0kDkcbCW7bD5M_GIScOFc3o-9TNDbD4crj0TnxTMmJbW-cF-SD3_lULvtICKWRF2nhOAzCOqU1j3Z1YhTC39DtHWepwRqYGn4DSOiVt_k2ZWyoqhcS0nL3EBBXlJxalUKfdkikzPdj1NySYcmYXf6vmQvFtpIyoUmiPM5UzCDHY6P6gOMK7S8W-sFqgSkSrxPHQ_GGyJQ8BXii51_bNV3PvIT77ijOJZqNZijJG8bOGa9JhQ7cjk0mMlbggv6RCq5Ny81eJuAz5RRHOR_a0tKG2v5CmI42puM-bCCshL3kUQhvwNrgDXZaVROzFCXng_sO3EWRcU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf23TAhrdY_ntHYWj9u8PqPWQ2A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAhSwXeC_V7I-4AIAqAMBqgSWAk_QH9muZqn3F93tlHGPNN35-7YBye2NKlu_pJiA2ROSvrt4JeMGngIe21z-3MHY2vejvJFux2iQZqf-DuZ_2eYMfq-FMsKU0Gjte4ABDQrhlXmcV9oaIr6d0kJSV5J9qJ0FjGZxHaHwDJ91bR6juH16hTRiZ9ze56-nyoE7kyQxieIijMxuXa-UjYuetxTh4UChBeMNrYzCbSP9ruuyS8lG5fmBMjRS7YrajGEc4l8T86RHOOYGr0yi8O24y4azakvZ3crlegorOhGw9PcSvpC_F3M4xSC5WC0iJPjJwxMGHvGSa5dlU0u_QN3K3Pwi45uVQq0BloSEzvKwQ0A6YuNSDHU5qlx1FKmThSIAoM1DK9i5K_814AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TNdFLJm8p2LnJD0J01k0Py1vamA%26client%3Dca-pub-5781531207509232%26adurl%3D
Frame ID: 632F72E93DF845BBA2BD9B35DD059334
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D7BE571FFD5270DCCF82CC3BD9CD0D0
Requests: 9 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=56&pid=5f2063121d82c82557194737&key=5c372909-5a69-45f0-8799-7a5e152bfafe&gdpr_consent=null&gdpr=1
Frame ID: CF0B6B48F89ACE7C180A889E78DF3BDA
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: 77751E6092DB16E981767909A5BC82D1
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=f784a2b9ba63e56f8a85a1fb43c292f4&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 96BD4D2935495E105DA3BDC744329838
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: C7AE28A79C48E9CCD18F10DE3BBF8F4A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=200&key=OPTOUT
Frame ID: 89DC327A3BF522C086B6B75E3A11977E
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675434499074-925372504357-001494-011-006239&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 058B1D3F5236C77BB488EF0780FB8010
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D1%26key%3D
Frame ID: 49110F66380F5E6AD16BFC1400DD0B11
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D18%26key%3D%24UID
Frame ID: D3A58CCC79255BDEAF935F2200E2B2FB
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: A5E650DAF27C942A15ABD20CBCEA5BBD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: CA21EB4DABD7587DE89D29B4940CAACC
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D23%26key%3D
Frame ID: 036B587A2C748734592285B80BDFEE22
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=105&pid=59c9148628a0612da3689288&key=1119ec94-a552-4fe1-9564-ee0d165ef369&gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 4029DB7C6C657731EAD08EFD9D536A6B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 44B99939B82C63074FED483B8B05ECAF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: DE24B075FE25444F1B9B732C436BBD33
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 869973A04BCF4B8AF8F666B3C0B84E42
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: 793EB8059261B0A0C9A73F600A0239F0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: F03DEC8AD992E8444EB30C7E4A8EABD3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D18491038644CE2E1325AF9359903544
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EB1F8931177FE936DB06995E4063A6BE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 57379534F88F01D771460FA7A70110CA
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 897C44E645D60A2FB5F6727C575A8670
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 47D423E0F6906D8C6C246A6E5A81975D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A150AA818EAD3FFA3D0EA39A4A7B840C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deleted | file.io

Page URL History Show full URLs

https://file.io/DseDcCxBoGyr HTTP 302
https://www.file.io/deleted Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

306
Requests

90 %
HTTPS

32 %
IPv6

56
Domains

95
Subdomains

73
IPs

11
Countries

2874 kB
Transfer

10557 kB
Size

76
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://mrcowboy.com/
Title: Mr Cowboy LLC

Search URL Search Domain Scan URL

URL: https://bid.glass/file.io
Title: Advertise

Search URL Search Domain Scan URL

URL: https://twitter.com/filedotio

Search URL Search Domain Scan URL

URL: https://www.facebook.com/file.io

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/fileio

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/file-io

Search URL Search Domain Scan URL

URL: https://github.com/file-io

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://file.io/DseDcCxBoGyr HTTP 302
https://www.file.io/deleted Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9903.rY-RXjQmDAcCy4hUaUdW_n8PWigGUXSxJuG0HzIEFAL3Ok0nlqFTFeirymLLXybk.ZWqX2l6OL37HqF1vQHP57cxvRGg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9903.dLQRZ5qUp_r8SR4ynxaIkSNlW9hHauafg4SHjBmEi8LexU4jlIR8jPKc89jBnbq7ooTVyqcJlsoQDJNZ-7qwC4oNOmJGUyqQdxJBaPuGUO4%2C.ib9pUJ4Sy09UehXhJASRBnS7B_8%2C

Request Chain 63

https://mc.yandex.com/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A17248978121%3Ahid%3A526444345%3Az%3A0%3Ai%3A20230203142817%3Aet%3A1675434497%3Ac%3A1%3Arn%3A1022881094%3Arqn%3A1%3Au%3A1675434497878974128%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A36%2C41%2C157%2C38%2C343%2C0%2C%2C25%2C0%2C1014%2C1015%2C0%2C640%3Aco%3A0%3Acpf%3A1%3Ans%3A1675434495472%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675434498%3At%3ADeleted%20%7C%20file.io&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A17248978121%3Ahid%3A526444345%3Az%3A0%3Ai%3A20230203142817%3Aet%3A1675434497%3Ac%3A1%3Arn%3A1022881094%3Arqn%3A1%3Au%3A1675434497878974128%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A36%2C41%2C157%2C38%2C343%2C0%2C%2C25%2C0%2C1014%2C1015%2C0%2C640%3Aco%3A0%3Acpf%3A1%3Ans%3A1675434495472%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675434498%3At%3ADeleted%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 69

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9903.T2oua9dht-6LNdRdo7cq-MPeT7sa8KF-Aoa8qaiOwPgMtAmhPPHfn4hKbU2JLI7-.e9KMJSGprSAx2gZi4mUqM1WBYWY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.2doWru5y6RcFR9r6il5sbB247fMlv4ABKZrrP3LPPdhPPhedsHYwPy2KkPOa8_AAIgUFiny3Xnrkl-M86_ki4O9uOCL_y36SX4dRT8jZPbY%2C.03crMqRmIgtnjBrpfeyAtHRtRK8%2C

Request Chain 129

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDxufTr3LvfAiMUwDGTI_EQ&google_cver=1&google_push=Aa02lx_w8Lhoc4NyegTZBQm6-mNPEEuFzQ8Dnx_-MjuJunW4fP44OuR7Ey8Bw2zt7GOVgW3NQdNuCQZdkEeUBE-viPDW2mnXbzFz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx_w8Lhoc4NyegTZBQm6-mNPEEuFzQ8Dnx_-MjuJunW4fP44OuR7Ey8Bw2zt7GOVgW3NQdNuCQZdkEeUBE-viPDW2mnXbzFz

Request Chain 130

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGvo0r6LkXR6FuvqM8MlQ7g&google_cver=1&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTESWcjwH-5DasrslSDg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGvo0r6LkXR6FuvqM8MlQ7g&google_cver=1&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTESWcjwH-5DasrslSDg HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4393a371-46df-4df8-a28a-b8d3700bb928 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4393a371-46df-4df8-a28a-b8d3700bb928 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=df1bfa22-4508-4f83-a1ce-66f6c6805d7b&user_group=1&ssp=google&bsw_param=4393a371-46df-4df8-a28a-b8d3700bb928 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTESWcjwH-5DasrslSDg&google_hm=Q5OjcUbfTfiiirjTcAu5KA==

Request Chain 131

https://match.360yield.com/match/ebda?google_gid=CAESEB69kXD0Mg9S22YJ_gUX-BQ&google_cver=1&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa6UwTZYxFRbLrH HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEB69kXD0Mg9S22YJ_gUX-BQ&google_cver=1&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa6UwTZYxFRbLrH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K3IEIGRBRMW5BW-ekrD8Ng&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa6UwTZYxFRbLrH

Request Chain 132

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECKT7utaY-RNcv3U3GN_XSE&google_cver=1&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIxGFo4_52ngo1bZa4FSNwUKaGYK2DsDWBVyd8rKA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIxGFo4_52ngo1bZa4FSNwUKaGYK2DsDWBVyd8rKA&google_gid=CAESECKT7utaY-RNcv3U3GN_XSE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI2NTczNDc0MzQyNzQ4MTU4NDYy&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIxGFo4_52ngo1bZa4FSNwUKaGYK2DsDWBVyd8rKA

Request Chain 133

https://cs.media.net/cksync?type=g&google_gid=CAESEDLDxdCGMjxul3XkNBFL2aw&google_cver=1&google_push=Aa02lx86MuXpMeentoh0LL9NY-Qsu23p54SioW1RVWVTi_6xWDcswIIxC76BuuhEnOESUrEH_N1gRG-kmh9QeWK1cbF2hpk3cyRLPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx86MuXpMeentoh0LL9NY-Qsu23p54SioW1RVWVTi_6xWDcswIIxC76BuuhEnOESUrEH_N1gRG-kmh9QeWK1cbF2hpk3cyRLPg&gdpr=&gdpr_consent=

Request Chain 134

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMOcZ_EIB9K3QBO03S-KK8k&google_cver=1&google_push=Aa02lx99Xo8miLlSJxA53t_c2XLghTHfsc_TfrdAZ-YAI3_SN4rItRmcDq93Vfv4wJAOyX7IfMDOfjadfOB4SDK0X5AHuYR2KRLubg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx99Xo8miLlSJxA53t_c2XLghTHfsc_TfrdAZ-YAI3_SN4rItRmcDq93Vfv4wJAOyX7IfMDOfjadfOB4SDK0X5AHuYR2KRLubg&google_hm=WTkwYUE4Q284WHNBQUhJdkloUUFBQUFB

Request Chain 135

https://ads.avads.net/sync/ggl?google_gid=CAESEHEHikCNfll9gmaG8wCO-SA&google_cver=1&google_push=Aa02lx--svtAF9gEqD2zAIxQoSPf48TmiAFB2EP1ZkuUwv8e_mkWI3D44dS7Tuj2Mrn40DZge7tpN_ARtUwQVKJR1uRaAH2vEey-NyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZTMxZTRkMTMtOTgzMS00Y2U5LWI5NjItMTdjNzRhOGNhOWEx&google_push=Aa02lx--svtAF9gEqD2zAIxQoSPf48TmiAFB2EP1ZkuUwv8e_mkWI3D44dS7Tuj2Mrn40DZge7tpN_ARtUwQVKJR1uRaAH2vEey-NyI

Request Chain 157

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE5pTx64jTwRi8axg3m9EYI&google_cver=1&google_push=Aa02lx-VuGkXawSeJnzaSvrVGjjJLzP6OJsjmGaVABpWoX2cRQJMeB4g6WFtj0xw4ufhFGe3jjtjg9hHbT_6JLANaaHuQTHBl3I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-VuGkXawSeJnzaSvrVGjjJLzP6OJsjmGaVABpWoX2cRQJMeB4g6WFtj0xw4ufhFGe3jjtjg9hHbT_6JLANaaHuQTHBl3I

Request Chain 158

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE8NiHAXSAFRGGWPWowzMpY&google_cver=1&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWxJ-SzbBTlNp_Pmnq8AojPHgw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE8NiHAXSAFRGGWPWowzMpY&google_cver=1&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWxJ-SzbBTlNp_Pmnq8AojPHgw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWxJ-SzbBTlNp_Pmnq8AojPHgw

Request Chain 160

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOqRyrONLG2H9_fzq-XRfBI&google_cver=1&google_push=Aa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675434499279 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5dc255ed-3b53-47e7-bee1-f3502f4bb2de-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH%26google_hm%3DA13CVe07U0fnvuHzUC9Lst4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH&google_hm=A13CVe07U0fnvuHzUC9Lst4

Request Chain 161

https://cs.media.net/cksync?type=g&google_gid=CAESEH-p5F8iWdovBgCb29CwOGU&google_cver=1&google_push=Aa02lx8_wfWGVCAeXVw2efJ-Nzh5aYzctRSGMhQ0mwrvepRTObYV4m7QpoZCmTRl3WVJ_LIqDSegZxYad9tZAYTz3tHQ730F_4N5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8_wfWGVCAeXVw2efJ-Nzh5aYzctRSGMhQ0mwrvepRTObYV4m7QpoZCmTRl3WVJ_LIqDSegZxYad9tZAYTz3tHQ730F_4N5&gdpr=&gdpr_consent=

Request Chain 163

https://an.yandex.ru/mapuid/google/CAESEOVk_WaqKhYVKXI9RkUKQSs?ext-param=Aa02lx9UbTWfIsdp6HPw6qpVuzgPc_qn7YR5NsqUsr2RVXV6O4UZlfkjXiZ2S4fTSbhr5wV6hVUUDpbZpVHq6gv9diadiCOMqrut-A&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEOVk_WaqKhYVKXI9RkUKQSs?redir-setuniq=1&ext-param=Aa02lx9UbTWfIsdp6HPw6qpVuzgPc_qn7YR5NsqUsr2RVXV6O4UZlfkjXiZ2S4fTSbhr5wV6hVUUDpbZpVHq6gv9diadiCOMqrut-A&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOVk_WaqKhYVKXI9RkUKQSs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 167

https://csync.loopme.me/?pubid=11398&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D56%26pid%3D5f2063121d82c82557194737%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=56&pid=5f2063121d82c82557194737&key=5c372909-5a69-45f0-8799-7a5e152bfafe&gdpr_consent=null&gdpr=1

Request Chain 169

https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=f784a2b9ba63e56f8a85a1fb43c292f4&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 171

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=200&key=OPTOUT

Request Chain 176

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 178

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=105&pid=59c9148628a0612da3689288&key=1119ec94-a552-4fe1-9564-ee0d165ef369&gdpr=1&gdpr_consent=&us_privacy=

Request Chain 200

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&google_cver=1&google_push=Aa02lx_7kdPzuEw9hwQ7l7gRHwiFcBF21-XsRWvhc0XXv-UTIbE5_4pJdIowWW5-BeM8Ub9zM3ELgcGgKnCG6l6ysZEcaczRiCpYmg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&google_cver=1&google_push=Aa02lx_7kdPzuEw9hwQ7l7gRHwiFcBF21-XsRWvhc0XXv-UTIbE5_4pJdIowWW5-BeM8Ub9zM3ELgcGgKnCG6l6ysZEcaczRiCpYmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUtzS09QdnIxUG5YMzU1&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&google_cver=1&google_push=Aa02lx_7kdPzuEw9hwQ7l7gRHwiFcBF21-XsRWvhc0XXv-UTIbE5_4pJdIowWW5-BeM8Ub9zM3ELgcGgKnCG6l6ysZEcaczRiCpYmg

Request Chain 201

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELbjsetebl-vnbNNA4zTvAg&google_cver=1&google_push=Aa02lx9UsYSWTb6nPDIVcCGmLfuCjnt2HQ0g1lteJBcKi2Bw7pDdnygh_Pb_Ld_fQCuEn2284reHmgZMa46Q0-JpxNqmsVTbt4J3jQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9UsYSWTb6nPDIVcCGmLfuCjnt2HQ0g1lteJBcKi2Bw7pDdnygh_Pb_Ld_fQCuEn2284reHmgZMa46Q0-JpxNqmsVTbt4J3jQ

Request Chain 202

https://fksnk.com/cs/google?google_gid=CAESEIWheyjl10crGiSzSyaXGWw&google_cver=1&google_push=Aa02lx_QNdIkzlRU4I0U-MS5r1yF_6m570w2KVeMIjja4ul7W8e_OzLimPs_y90NZp_o73hSAXtRcHwPagrImAhi6Zgtw2wV4UXR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzVBRkM2RTIzOEU0QkZBRA==

Request Chain 203

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENjhDd7JbxHgSaYntKm3wSY&google_cver=1&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYheZ2AnLdgtgZOmZQnBCdA HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENjhDd7JbxHgSaYntKm3wSY&google_cver=1&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYheZ2AnLdgtgZOmZQnBCdA&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYheZ2AnLdgtgZOmZQnBCdA&google_hm=

Request Chain 204

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEcVfennTWqD6lpa6nbW5D8&google_cver=1&google_push=Aa02lx-NkhkjV5_wnU_dDmaRyWTJHiYy6Noq3gXC5-S0UvFwjYFKpypJ64VVFl1BaSNKVPakBMryQvNfhgFb-cu_RvoseXPu9n3Hdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx-NkhkjV5_wnU_dDmaRyWTJHiYy6Noq3gXC5-S0UvFwjYFKpypJ64VVFl1BaSNKVPakBMryQvNfhgFb-cu_RvoseXPu9n3Hdw

Request Chain 205

https://cs.media.net/cksync?type=g&google_gid=CAESEAThes4q5tkW7sWAvwa-ysA&google_cver=1&google_push=Aa02lx_VQ1vQQXfY5BkzdwYZmlINPEPw0ZYBjm2N6GJrx2swECNUCasWui5fy74sBQwjSaesPz9UIYfNXfkJVenKFoP_BboNMA5XTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_VQ1vQQXfY5BkzdwYZmlINPEPw0ZYBjm2N6GJrx2swECNUCasWui5fy74sBQwjSaesPz9UIYfNXfkJVenKFoP_BboNMA5XTA&gdpr=&gdpr_consent=

Request Chain 232

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPTUZYTDQtMjEtOTAwVQ==

Request Chain 233

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk3OGI4MDY5YTIwODFhNzRiMDE4NzI2NjQzMDAwMDM0MDcxZWY1ZQ

Request Chain 234

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bkWzcS2cQ66qjOqrU7nIcg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bkWzcS2cQ66qjOqrU7nIcg

Request Chain 235

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ODdVS3vSlZfBMICkXVF_Osn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HTqD5c1E2oLpgcWrqIaMlsjDpCZE059YcceErw--~A

Request Chain 236

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1emow5LPTku2B1nx7FPF5A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1emow5LPTku2B1nx7FPF5A

Request Chain 237

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDOMFXL4-21-900U

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEARR2lCebTK2e2GfljUkuL4&google_cver=1

Request Chain 280

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f784a2b9ba63e56f8a85a1fb43c292f4&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v13a2_7195936384090559192&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 289

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=5dXYAHw0Rk1xR1JiZkFzZHJicDZxOFM4TEtBakJEL1lHS29ITDR5bXBjSzN1bHJUb081VWtIWHVsdjFSYmFGQlIxZjhJU3hYNXMvZGlDV2hudmpJWmRSdmJRbzJxVzZLbHpCMXRJSzVSeUFiTFA5amUzV3cxS1Z4U2hHZEhkZ0tFVFZrTHRueUZqRWFRcFhnOEpXZ29hWWhXODNIL05RcFp6MTdaUE4wSFFVQVZCNGIweWVRc0UrTzZTUEIxWXdyTVdndDVUSEJEV0VXMkFjaUZVNlJ6RlNTUVdNU0dDZ0E0YzZEbm1aM1NVemV1OGhpQXY2Q0xYVE1jVDNYYTRuN2gzQTdCfA&cppv=2

306 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request deleted Show response
www.file.io/
Redirect Chain

https://file.io/DseDcCxBoGyr
https://www.file.io/deleted

439 KB
127 KB

234ms
157ms

Document
text/html

108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ceb24d9bf634b034bc20d2321e7c4cf29d2b82572754612308e02bfa7a43a79f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36026
cache-control: public, max-age=0, s-maxage=86400
content-encoding: gzip
content-type: text/html
date: Fri, 03 Feb 2023 04:27:51 GMT
etag: W/"dcd54f24d9946be4664b61b5de3eb6f9"
last-modified: Wed, 23 Nov 2022 15:26:43 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
x-amz-cf-id: JExqgC_YQqJ3f6b4n_fAi5aJw2IzyOxfqjarNmtik-dEnwvyiLAvPw==
x-amz-cf-pop: MXP63-P3
x-amz-id-2: shmZVZvCb9AzPJZVl++3O+t7C0Y6xMbPSS9hMDbelG4KkTFn8DzxFkin6XNaPbdsMXhUyL+lsCI=
x-amz-request-id: QQFENX1A7CF1HGP2
x-cache: Hit from cloudfront

Redirect headers

access-control-allow-headers: Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods: GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin: *
access-control-expose-headers: X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length: 98
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 14:28:15 GMT
location: https://www.file.io/deleted
retry-after: 60
vary: Accept
x-ratelimit-limit: 1
x-ratelimit-remaining: 9
x-ratelimit-reset: 2023-02-03T14:29:15.755Z

GET
H/1.1 200
OK ad-manager.min.js Show response
hb.vntsm.com/v3/live/ 1 MB
313 KB 110ms
23ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 6946027f1167e2d84f37381198e5974aec203fb3a910f80e38fd62a2da5ecfaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 14:28:16 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 217.64.151.29
Connection: keep-alive
Content-Length: 319784
x-sp-metadata: HS256.CJDQ9J4GEogBCiQ3YzE1M2QzMi05YmE4LTQ0MTYtODM4NC0xODAxMTdkODkwOTMQwIPqj/Li/AIaBgiAtPSeBiINMjE3LjY0LjE1MS4yOSje3AIwAjgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDhhYTY5MjEyLWJmOGItNDkxNy04ODMzLWZkN2I1MzUwYzlmORiowhMiGAgCEhRjZHMyMTEubG80Lmh3Y2RuLm5ldA==.vse9/LbNUa9vQpgIIzQtMS0w/4OvEuOopXuif+3adLM=
Last-Modified: Wed, 01 Feb 2023 12:08:42 GMT
ETag: "a5d11ab57128dbefafde6a65cb0f6e15"
X-HW: 1675434496.cds238.lo4.hn,1675434496.cds211.lo4.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Geo, Content-Type,x-bl,x-geo-subdivision
Cache-Control: max-age=180
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision
X-Geo: DE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 14:13:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 901
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Feb 2023 16:13:15 GMT

GET
H2 200 Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 317 KB
318 KB 51ms
51ms Font
font/woff2 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer: https://www.file.io/deleted
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 01:17:34 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:47 GMT
server: AmazonS3
x-amz-request-id: 4FGRTFF0605TC195
x-amz-cf-pop: MXP63-P3
etag: "8dd26c3dd0125fb16ce19b8f5e8273fb"
age: 1343443
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 324864
x-amz-id-2: DRbfIXbgRc9nmjlChBTVO0+TEm1X/TnwFJvkr+ScSn8mvLiua71o9pRoCJhYIptAHJbqDhKkHGM=
x-amz-cf-id: Zg0vrx27YZLKC_ZLqgv7e2hjAHm8TbEkYKPrqggbgIXNcE9rwS6cuA==

GET
H2 200 app-94ab6235bc4552ec45d3.js Show response
www.file.io/ 651 KB
159 KB 108ms
102ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:19:46 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:39 GMT
server: AmazonS3
x-amz-request-id: KDHFC2F0Q034BTVR
x-amz-cf-pop: MXP63-P3
etag: W/"d5b96f90610fd0e66fccb62435e7f262"
age: 1775311
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: wun7X887IMeLuv-a7uI-ebN3uWYc5WPEohrBXpJfrL7_aC6u_P_lTg==
x-amz-id-2: 0Jqie3ZTI1MQg8LPyMBOTqirEuvtcHatxtorSy/C2VxaUPVyKxJ3udL0IX7OCDBrfpW/59/uyAsAWfMVntE3PQ==

GET
H2 200 0eceb729-761e2b4090024f08e2ca.js Show response
www.file.io/ 12 KB
2 KB 132ms
126ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:22:46 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:35 GMT
server: AmazonS3
x-amz-request-id: 5N9013S403ZGT5MR
x-amz-cf-pop: MXP63-P3
etag: W/"d8fa3e295945b4065c7adabadd2be99b"
age: 2037931
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: oEtqcdMFNC4QQIEK9qz7MFYvIML6rUNzL5i3wrop7PlbzTBHG97XcA==
x-amz-id-2: TPyY/6h78ld+mkH3p1VkEu2Od8AMJOb8wzHkHFbAZ9IEs73G8fViJoKGg6zsWGiZfDTjcMVKhaw=

GET
H2 200 d6a9949e-4e9c210da2d83a376ddb.js Show response
www.file.io/ 51 KB
6 KB 154ms
148ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:26:30 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:43 GMT
server: AmazonS3
x-amz-request-id: CVSJ9VXZEP1QP6CT
x-amz-cf-pop: MXP63-P3
etag: W/"2feda6389a53a29ad5102ef7918752f6"
age: 1778507
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: sDgbZ4RnBX9eeM8YrnsH1saR1xrqrzlpkrRGNONtOAE4s-DdD-XeMQ==
x-amz-id-2: 3b6/nzulmYw1nqM3PzaJZcSlJztmTzct/Dlrj4NLvuCMGxM1b1qkFiQmEqyLIOL///c/+7iT65o=

GET
H2 200 e82996df-3c73e38611643c5bb219.js Show response
www.file.io/ 50 KB
14 KB 103ms
97ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:27:13 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:43 GMT
server: AmazonS3
x-amz-request-id: C17JGGMETQC3EA8H
x-amz-cf-pop: MXP63-P3
etag: W/"785aafc2bda0f767992456b4ba1b0627"
age: 1087264
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: oku3OL1bCiKN64wDGvhX6KYTPLsWYqUnjbRHtJN8XjkcziCm7XZr9A==
x-amz-id-2: qX7CYPDcKnICIO53BDqekCPT2kjBbsDIYEcHCOHMpG3RhBXfe81noscewwYoa8kFBJzeWME3do8=

GET
H2 200 framework-8fce40ee519418a713c9.js Show response
www.file.io/ 145 KB
42 KB 95ms
89ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 01:18:30 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:44 GMT
server: AmazonS3
x-amz-request-id: E5YBDK1PNVEFSGW7
x-amz-cf-pop: MXP63-P3
etag: W/"c4a5f7717ceee6ea81514ff62873ada9"
age: 2293787
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: zKmUHsjy32QMBtL6FUQkfIVl0kzcf_B1zfXS2eD4vw68IuIcQPkX_w==
x-amz-id-2: MOGgScAN0cGtS39aS2P+Mnpc7xNscVFJ4wzlDN9PnEpo9MU9jcq+EwlOj4gfIZIlPeJjJ1onTjhD0+UnIAwimQ==

GET
H2 200 webpack-runtime-e85adc3f73c70220e1cc.js Show response
www.file.io/ 9 KB
4 KB 90ms
86ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:11:00 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:47 GMT
server: AmazonS3
x-amz-request-id: 8H22GD8HC73B1FT0
x-amz-cf-pop: MXP63-P3
etag: W/"a0b7944440774d5a3e8f33e901ae323f"
age: 2546237
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 9_pZbDBMscjNO3RCLLj6LbkyW8DdR6RoF7Cdl8fBGWmU3akod7uA7g==
x-amz-id-2: 4jstbOo0t8fyCfrrK8ZjnWtVd7vYVx7KoOeXhOzahULTWj0NuMDxIuxH887FzRSxKeTgg8eQu2w=

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
684 B 57ms
15ms Fetch
text/html 2606:4700:10::6816:2f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:16 GMT
cf-cache-status: HIT
x-amz-request-id: 4ZSSCDS5A1Z0FK8F
age: 3778
content-length: 32
x-amz-id-2: KZmowyBCZvDbSFPq/TLuipj7gQjpSnxg55Qcqb4bA7Z9vhmOdz4YGBbRwRSYadxizDvXt8MVG+SzZ6eLo29bYQ==
geo: DE
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, origin, Origin
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 793bda22acbc3609-FRA

GET
H/1.1 200
OK 6357fe75b1abda701427d92a.enc Show response
hb.vntsm.com/v2/live/ 39 KB
7 KB 439ms
395ms XHR
text/plain 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: BunnyCDN-IL1-871 /
Resource Hash: aa92025db7d6e619e6251e77dd26f5266bd18bdb3cd110b06b4ac6250762dc92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 14:28:16 GMT
Content-Encoding: br
cdn-edgestorageid: 1029
Transfer-Encoding: chunked
cdn-cachedat: 02/02/2023 14:38:15
cdn-pullzone: 131999
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 15:41:50 GMT
Server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
ETag: W/"f22a972c9769c5941b943c4fab8a0755"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
cdn-cache: HIT
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
Access-Control-Expose-Headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Access-Control-Allow-Credentials: true
x-bl: 0, 0
Cache-Control: public, max-age=86400
cdn-requestid: 914b0c3ca459c9fa2683a29e79b695b1
X-HW: 1675434496.cds103.lo4.hn,1675434496.cds103.lo4.sl
cdn-requestcountrycode: CA
Access-Control-Allow-Headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 app-data.json Show response
www.file.io/page-data/ 50 B
540 B 40ms
40ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/app-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:57:27 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: R59CH5ZKHAC77MDT
x-amz-cf-pop: MXP63-P3
etag: "8560808e9c37804e4c72d09857f5dca0"
age: 16250
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 50
x-amz-id-2: Ecn4ZDvz7SjUv/JmQopF1/cPKBgN3n/wSpvmopXRY7RfKRBjsZJPy2fogd2+4PI61Q5kmsGau0INt5MC3gqrgxPYWfsc9xB6JNizq+VtP44=
x-amz-cf-id: 0H7J5AxoWMk7V56K0JNkpoNYUKcTrJPe4u7uAmzgOZLhUHtTUOAepg==

GET
H2 200 page-data.json Show response
www.file.io/page-data/deleted/ 152 B
645 B 40ms
40ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/deleted/page-data.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 04:27:52 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
x-amz-request-id: QSJREY91P1EDJ4MF
x-amz-cf-pop: MXP63-P3
age: 36025
x-cache: Hit from cloudfront
content-length: 152
x-amz-id-2: KU4o8LeqA6lY3ztlLaRwgvn5j9RXgINw+KuwUEhs6ddlOBKEbjF2aaVXVFZ8R70DrHf9pq05g87DURauVwwc/g==
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
etag: "728a4f433ef9bed1433eaa226cad06d0"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: KixFZm8362nPSQaSyKI1XccKdjHW8bBjRQ3kEExk_W3QNigv_9auxg==

GET
H2 200 cb1608f2-e216539eabbd5925fc79.js Show response
www.file.io/ 15 KB
6 KB 58ms
55ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/cb1608f2-e216539eabbd5925fc79.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:18:57 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:40 GMT
server: AmazonS3
x-amz-request-id: 0WT7MFXJ3R79JXE7
x-amz-cf-pop: MXP63-P3
etag: W/"67e460d9dbcf3a954ab115654390d3d7"
age: 2545760
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: YarHrzAqYM0ka1k5PXA-QLZH7yUVzme96uKt71P24rqUBoST5zgpUw==
x-amz-id-2: aVcaOeDoX5t3N5ixnHetwDOeBqpUwn66A8+8hv/2nCizm3olW9loULnuUezliYx/GZsZ6DHA8PI=

GET
H2 200 a9a7754c-f1b5f9c5144f62adc766.js Show response
www.file.io/ 4 KB
2 KB 58ms
55ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 00:50:48 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:37 GMT
server: AmazonS3
x-amz-request-id: MQPXAB6BMNYV4DZ3
x-amz-cf-pop: MXP63-P3
etag: W/"4ae04cdf11989fa265bb8cc9b598298f"
age: 1604249
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 8RL4QTf04voVWBk4cVzyKKywJJPk1TPvKiP8i_yWRi7iIly2gulQyA==
x-amz-id-2: vTKPpwdcKSKK59w82n7DI28+EZH8+E4QKdMEt7nE4YFbuXeEE5ybkDAlIyDOtLhQuLFc9ECRf1Y=

GET
H2 200 381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js Show response
www.file.io/ 117 KB
66 KB 49ms
47ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 00:43:19 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:35 GMT
server: AmazonS3
x-amz-request-id: 8TNW1SCG2KPY3SWX
x-amz-cf-pop: MXP63-P3
etag: W/"9c41c9970ebc8fe4c98c8f02b631cd07"
age: 1345498
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: kASHZpD9wrTGXDiIY3BUzRbum9fWAGKKvoGTkqh1TLWx1G8kmg-Izg==
x-amz-id-2: +RqZMILRZQQPLDZZBMjnPjPa3O/reIH8ASq1e7Zez2/VtNaVb5CQ3ekHRDl135q98AmTsTuzizE=

GET
H2 200 a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js Show response
www.file.io/ 21 KB
9 KB 42ms
40ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 00:26:31 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:37 GMT
server: AmazonS3
x-amz-request-id: ZRTH123J38CRGS70
x-amz-cf-pop: MXP63-P3
etag: W/"2b921aab089ea83ec7bb825f970e0b68"
age: 1000906
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: F6A4QJ53k8Uu8AUAZYmckldI1_PTOxabMB8shAgBbirYe1o8dF99-Q==
x-amz-id-2: 6UWtlXkAkOgC81KAmx0I2bTb0Uht1sddKjqVU5kwbgydA+9PQ4rjOrE+cA/pA4SnTZim2QxEZa8=

GET
H2 200 6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js Show response
www.file.io/ 24 KB
8 KB 46ms
44ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:05:03 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:36 GMT
server: AmazonS3
x-amz-request-id: XJSBJQ4M4TG6M60Z
x-amz-cf-pop: MXP63-P3
etag: W/"02f76c7d444e6eab701d07bea36dfd50"
age: 1862594
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: fLkVrPs3_czJtOmuYLp-2PHOis_jSVIkTg95WYGWEt932FSQzrOTZQ==
x-amz-id-2: 6O/LznFOxPoGYi6kNMoRXFxfEI9iqj3K3T5Hn6gysV3Ga/z3V6+mAQuS7cQqPytNygJQa8lkcUw=

GET
H2 200 ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js Show response
www.file.io/ 45 KB
15 KB 43ms
41ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 00:26:31 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:43 GMT
server: AmazonS3
x-amz-request-id: ZRTQSSXYPYGGCNRJ
x-amz-cf-pop: MXP63-P3
etag: W/"83f8c9e26a69db93869cfcef32de2315"
age: 1000906
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: dASuVm7PBPSA08u6yRWYQ_K33TzxO7XG8wyjqJNtzeFwom-b7t3rpQ==
x-amz-id-2: Qml9ScRnQbg/NIaiSou6bn/eDBUlrkCRSGuEBPtSEGn6X/9/KVkUiMWvdSH5ks2XsklTiZ3M9Qk=

GET
H2 200 component---src-pages-deleted-js-5722fd90ebe96ef888eb.js Show response
www.file.io/ 2 KB
2 KB 47ms
45ms Script
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-deleted-js-5722fd90ebe96ef888eb.js
Requested by: Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7644bc819a01d32c6850d97e70779351138612c2cb63af9a95cc048441170a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:07:13 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:41 GMT
server: AmazonS3
x-amz-request-id: GRARCN5HPY365XN2
x-amz-cf-pop: MXP63-P3
etag: W/"3546f418175eba4bde29ef79090a1c6c"
age: 2370064
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: p7aWNrumAtsEph7J7DUOTf4mVQKU3Hp-fKQ7QeOzHhALLSLaKgEZaw==
x-amz-id-2: Xqnai12en11O+DGLDX44vmc76ujFfv2yZ+aG0dE60Zkva5V0zlKnqUzHuoqsLkc0YfI/VWB614JzSectLgHuhA==

GET
H2 200 1655680770.json Show response
www.file.io/page-data/sq/d/ 447 B
933 B 43ms
42ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/sq/d/1655680770.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 03:39:50 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
x-amz-request-id: N6AJN95DZ278RJ13
x-amz-cf-pop: MXP63-P3
age: 38907
x-cache: Hit from cloudfront
content-length: 447
x-amz-id-2: oeQW2G+9kfeWN10l6ZrmzhTdA3wLBiycRsiKSAmrIqgClbR/NvXR+ss+wJ1JIY+RRmmzd+m+OsA=
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
etag: "c839c57483bd5d788408e7fc88e7cc8d"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: 19PVRAWAxmWcd54mCztZTFt7cqVbBDYMe5wABnW4graumMky1jw-YQ==

GET
H2 200 1810866655.json Show response
www.file.io/page-data/sq/d/ 2 KB
876 B 44ms
43ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/sq/d/1810866655.json
Requested by: Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:11:05 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: 3DTANXM34031FD93
x-amz-cf-pop: MXP63-P3
etag: W/"7bb0144e136507cd9bfbaceb72189d09"
age: 33431
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
x-amz-cf-id: _xm2H0ogaj-6VX6RBLnrfd85-HPf1GnjNzmy46UfmvAWZq--VjLArA==
x-amz-id-2: ZPFYgMT/Cetfo+lliioXMbDmoc7AlIkHtykP1YbOivWq5ig97NT2/Jt/8diy/WeM5uCN2x324Hk=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 25ms
13ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=988864285&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fdeleted&dp=%2Fdeleted%2F&ul=en-us&de=UTF-8&dt=Deleted%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1127462704&gjid=904747629&cid=1232628591.1675434496&tid=UA-65658019-1&_gid=2098447247.1675434496&_r=1&_slc=1&z=1036082095

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 60ms
17ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-65658019-1&cid=1232628591.1675434496&jid=1127462704&gjid=904747629&_gid=2098447247.1675434496&_u=aEBAAEAAAAAAACAAI~&z=1406900041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 14:28:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 266ms
112ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-11ffd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73725
expires: Fri, 03 Feb 2023 15:28:17 GMT

GET
H2 200 px.gif Show response
ad-delivery.net/ 43 B
943 B 64ms
30ms Fetch
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1039152
x-guploader-uploadid: ADPycdtnhTwvRwGtGVML3wuenGrjXOy9i4dsDVEI_viVMUVgGJBcBQHwkt2zqd57q7qIWdxB_Gj6s2N07Lz2rA756DuSZZspRAdn
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CUNKqkBXWg%2F32wpUnKENZoqdWIEfqKT3lZMOcvoYXLt8vSHvlTpOez1VQWhUsTD66h%2FDSvUyt3dX0DM0ta6XusE52QewfwEBeZd2aASFrBqssPH6rTrZpEMlgwtpCqNwvlcBRrCkxf5Mbh25A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 793bda258c9f9000-FRA
expires: Sun, 22 Jan 2023 14:16:49 GMT

GET
H2 200 script.js Show response
d1oykxszdrgjgl.cloudfront.net/ 121 KB
43 KB 192ms
60ms Script
application/javascript 2600:9000:2045:4600:0:1651:6140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2045:4600:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3da23015e018a0724ff87233a079e83ed45bf33e114ada17d8e26d174d6d4667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:24:54 GMT
content-encoding: gzip
via: 1.1 b3404c926b62d5bf8cb54cc9471cbe42.cloudfront.net (CloudFront)
x-amz-version-id: 8pV4XZJN1Fz_nAGRQ3xjdbGffYKlh8Wa
last-modified: Fri, 03 Feb 2023 13:43:47 GMT
server: AmazonS3
x-amz-cf-pop: ATH50-C1
age: 204
etag: W/"d5d225238142a2fee8dffea10b43816b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: iMpvb7Y48T7jbP3zxj1ENgRoumIi-NyI3oVhSOZGUk03i0-AXptErQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 180ms
80ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c276285708800494d413ec1eb5884caf4d2e4e2b6e39b63c2f1e4988e568b2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27307
x-xss-protection: 0
server: sffe
etag: "1471 / 869 of 1000 / last-modified: 1675426133"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 14:28:17 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9903.rY-RXjQmDAcCy4hUaUdW_n8PWigGUXSxJuG0HzIEFAL3Ok0nlqFTFeirymLLXybk.ZWqX2l6OL37HqF1vQHP57cxvRGg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9903.dLQRZ5qUp_r8SR4ynxaIkSNlW9hHauafg4SHjBmEi8LexU4jlIR8jPKc89jBnbq7ooTVyqcJlsoQDJNZ-7qwC4oNOmJGUyqQdxJBaPuGUO4%2C.ib9pUJ4Sy09UehXhJASRBnS7B_8%2C

43 B
67 B

94ms
66ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9903.dLQRZ5qUp_r8SR4ynxaIkSNlW9hHauafg4SHjBmEi8LexU4jlIR8jPKc89jBnbq7ooTVyqcJlsoQDJNZ-7qwC4oNOmJGUyqQdxJBaPuGUO4%2C.ib9pUJ4Sy09UehXhJASRBnS7B_8%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9903.dLQRZ5qUp_r8SR4ynxaIkSNlW9hHauafg4SHjBmEi8LexU4jlIR8jPKc89jBnbq7ooTVyqcJlsoQDJNZ-7qwC4oNOmJGUyqQdxJBaPuGUO4%2C.ib9pUJ4Sy09UehXhJASRBnS7B_8%2C
date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 73ms
57ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Feb 2023 15:28:17 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 122ms
92ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 135ms
95ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.file.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 14:28:17 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 pubads_impl_2023020201.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132430
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:36:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 03 Feb 2024 11:06:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 866 B
393 B 94ms
53ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b327fea5e04552521e80b87517d936f22fb22a170103c01963f6092730f79ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
x-xss-protection: 0
expires: Fri, 03 Feb 2023 14:28:17 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1015 B 68ms
15ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 14:28:17 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1545869
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48zdZWcDiS6E%2FxFVCeP8v8TVmPKry77rE5bs4jAIoiE5XRxS9u8Sxo7OkEfM3YY6C2XTxizaIgsXZKL0O6lpsrETuum1npxGKJpy3R1PvgH2cfKF5iI5Qs6OAfnmYWyyfBjy8m9UFJsU0raU"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 793bda28c929bb65-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
1 KB 103ms
41ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

052cc51321a70368b8d983631f0d6f516b48de38dad5d09ba793097626505ccb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:17 GMT
AN-X-Request-Uuid: 8538ba75-940a-4c2e-bc55-c7f282fc6d9d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.file.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 269ms
144ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
600 B 65ms
11ms XHR
application/json 52.57.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&tmax=3500

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.32.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-32-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:17 GMT
accept-ch: sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent
x-auction-status: 12, 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
526 B 113ms
73ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

039ed13ae2e065fdee9d11fc53ab131169c749d092693f90fff4f406e049091a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:17 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 55
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 180
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
273 B 63ms
14ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:16 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 258 B
1 KB 65ms
44ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

340f478dab7c7061c5c2352350c92ddce8525e7d6a335c7245690c186eaac475

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:17 GMT
AN-X-Request-Uuid: 2841f5ef-f114-472e-a7dc-b8231f398d2a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.file.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 258
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 pb Show response
ad.360yield.com/ 0
99 B 128ms
33ms XHR
text/plain 54.216.221.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.221.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-221-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
280 B 362ms
93ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ee5f479ea301d16161fb85b07b578efb28f451b4e038d5db34fc292f0a18098a

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
335 B 279ms
11ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=%208a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 67ab8a6f77c94297a320f6ed89e9f8cf4b97e68fadc84dd3bb083073d00bd182

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
280 B 368ms
101ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 38f493d22a25f45d12fa9cf9b86ca750c4a6f18c378024c4ab78ba7483d86c38

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
279 B 415ms
148ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a1b7f58fe31dcd16a96c9b4ba7c27d02af13b9879453da2d47d9e3cd5b7685d7

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
280 B 367ms
100ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8a55172d6748c1a4da5ea86b13cf86ed57b4463e56bf1814f9df28dc24816b96

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
279 B 366ms
99ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c2d94e673877d28135aabbfe0b0d77657a56e3dbf3568357a477f4513c489770

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
279 B 285ms
18ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fc757f1ebf108ae3d13759ba1c626880971f449ba71c7a5236b9770624a11a82

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
280 B 377ms
110ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: acdf5bb4ed2e6f1ade5971a56c48d599a241ff28daad173d7cec87603763f78a

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 144ms
77ms XHR
text/plain 52.28.147.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.147.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-147-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
155 B 87ms
21ms XHR
text/plain 52.28.147.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.147.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-147-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 91ms
26ms XHR
text/plain 52.28.147.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.147.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-147-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
154 B 90ms
25ms XHR
text/plain 52.28.147.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.147.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-147-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
333 B 390ms
33ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:16 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.file.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
333 B 390ms
34ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:17 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.file.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 130ms
43ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.file.io

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.file.io

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
654 B 268ms
267ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b062c9bc137e1dc117519867d2ddb94bd21fbeb274b9d7b3c6d525c1f34890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 624
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 89ms
55ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020201&st=env

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c8a850ecc1342e9b94fc23e8d2d15db1a48f299c47e1c4d0e8fff26c98b72df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11287
x-xss-protection: 0

GET
H2 200 container.html Show response
79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CE3 6 KB
3 KB 112ms
16ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:17 GMT
expires: Sat, 03 Feb 2024 14:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023020201.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023020201.js?cb=31072166

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0acfc0c79d2e9084f691532eb014e8523316e895df7f0f805591bb4097f6a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 13:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:36:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Feb 2024 13:12:03 GMT

GET
H2 200 spt Show response
tg1.aniview.com/api/adserver/ 22 KB
7 KB 285ms
226ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=827e435f1885fda0d7e5406bb05085db&AV_PLACEMENTID=6373750d98fb531abee85ae5
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 50e7bd6d118c297466855d08f2a00aa7546a35d44316ffd36531777bba32b55d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJHQ9J4GEogBCiQ3ZDhiMzc1OC01YjgyLTRiY2EtOGE4Zi00NzkxMTRhZGNlOWYQgMaC9OXi/AIaBgiBtPSeBiINMjE3LjY0LjE1MS4yOSio5gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRopEiRlYzRjMjYxYS0xOTI2LTRmYzMtYWU3Yi1mOGVjMWRiMGZjN2EYhzAiGggCEhRjZHMwNDAubG80Lmh3Y2RuLm5ldBgJ.GWFi5FTS2SVtGJKss9R4QxrzWAhZNu+eUHSBSavlc64=
x-hw: 1675434497.dop262.lo4.t,1675434497.cds288.lo4.hn,1675434497.cds040.lo4.p
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
content-length: 6151

GET
H2

200

1 Show response
mc.yandex.com/watch/90916604/
Redirect Chain

https://mc.yandex.com/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A...
https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%...

435 B
518 B

66ms
66ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A17248978121%3Ahid%3A526444345%3Az%3A0%3Ai%3A20230203142817%3Aet%3A1675434497%3Ac%3A1%3Arn%3A1022881094%3Arqn%3A1%3Au%3A1675434497878974128%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A36%2C41%2C157%2C38%2C343%2C0%2C%2C25%2C0%2C1014%2C1015%2C0%2C640%3Aco%3A0%3Acpf%3A1%3Ans%3A1675434495472%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675434498%3At%3ADeleted%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0632ed635bc82cb0d16359e75b80f0a5e4d9eebabcbc4aaf03483605137829c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 03-Feb-2023 14:28:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.file.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 14:28:17 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 03-Feb-2023 14:28:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A637%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A17248978121%3Ahid%3A526444345%3Az%3A0%3Ai%3A20230203142817%3Aet%3A1675434497%3Ac%3A1%3Arn%3A1022881094%3Arqn%3A1%3Au%3A1675434497878974128%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A36%2C41%2C157%2C38%2C343%2C0%2C%2C25%2C0%2C1014%2C1015%2C0%2C640%3Aco%3A0%3Acpf%3A1%3Ans%3A1675434495472%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675434498%3At%3ADeleted%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.file.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 14:28:17 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 49ms
34ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 14:28:17 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 44V0SA1Y42KEB4E3
Age: 962867
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: +pq1lvrkHjoKj4hH9iBM94LvZjdhbwnhfhzQnEJaI3PAQJT5LdD71OEUJbMgnjw4Ga5dojmyyOQ=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOUexF%2FPKdK4cstr4RXcVo7z%2Fng5P9Dg%2F0dv3pD%2BqIuBygUb44dG6lJ2yAOm3IlcegSTe4k%2FKSNSJAc%2F50x5%2FL5%2FLNjbQ2kLwIzsFn%2Bo8zw42qIae5x0hveS2GKdMklOOV2MDR1Wqc3lD6N0"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 793bda29e8f39b1b-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 14:28:17 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34EB 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 11:24:26 GMT
expires: Sat, 03 Feb 2024 11:24:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA47 783 B
1 KB 50ms
22ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a12727b013ef85be6159553d9c1e0e1944ee1d0c36654c0642b4a8167be873d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PyHoZVpdPx7_O1VP-lz2UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-PyHoZVpdPx7_O1VP-lz2UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:17 GMT
expires: Fri, 03 Feb 2023 14:28:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 34EB 36 KB
14 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 07:28:31 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9903.T2oua9dht-6LNdRdo7cq-MPeT7sa8KF-Aoa8qaiOwPgMtAmhPPHfn4hKbU2JLI7-.e9KMJSGprSAx2gZi4mUqM1WBYWY%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.2doWru5y6RcFR9r6il5sbB247fMlv4ABKZrrP3LPPdhPPhedsHYwPy2KkPOa8_AAIgUFiny3Xnrkl-M86_ki4O9uOCL_y36SX4dRT8jZPbY%2C.03crMqRmIgtnjBrpfe...

43 B
79 B

82ms
81ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.2doWru5y6RcFR9r6il5sbB247fMlv4ABKZrrP3LPPdhPPhedsHYwPy2KkPOa8_AAIgUFiny3Xnrkl-M86_ki4O9uOCL_y36SX4dRT8jZPbY%2C.03crMqRmIgtnjBrpfeyAtHRtRK8%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.2doWru5y6RcFR9r6il5sbB247fMlv4ABKZrrP3LPPdhPPhedsHYwPy2KkPOa8_AAIgUFiny3Xnrkl-M86_ki4O9uOCL_y36SX4dRT8jZPbY%2C.03crMqRmIgtnjBrpfeyAtHRtRK8%2C
date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA47 0
0 62ms
43ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020201&jk=425517384572797&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
157 B 16ms
15ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 125ms
124ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e272ea102a2&cmd=bid&secure=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 65f71a90641735320fbdece043d522c7e2bb1283872763ee587da692ca378b62

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 80

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
333 B 57ms
43ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:17 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.file.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 pb Show response
ad.360yield.com/ 0
98 B 30ms
30ms XHR
text/plain 54.216.221.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.221.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-221-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:17 GMT
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
1 KB 9ms
9ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ba2983c57e0b66320d165d7d5784b1ca66d9193404db72b8b0b4b3a93449fbb2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:17 GMT
AN-X-Request-Uuid: da505fa3-6514-40ed-b7c4-dfb00d91686e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.file.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 137ms
137ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
519 B 16ms
14ms XHR
application/json 52.57.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&tmax=3500

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.32.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-32-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:17 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 112ms
29ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.file.io

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 63ms
0ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.file.io

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 329ms
328ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425517384572797&correlator=865385981080768&eid=31072040%2C31072119%2C31072166%2C31070233&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370d898fb531abee85aab&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C970x250&ifi=2&adks=3195751161&didk=1404112648&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D637370d898fb531abee85aab-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3Dc33dafe6-v7.17.0_fo%26pg_ld_id%3D5a0df87cf8b4e218d61c29a48bd4038b%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370d898fb531abee85aab%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dbfe149e95c378a639a174dd11d353aea%26bf_br%3D18200000%26af_im%3D18200000&sc=1&cookie=ID%3D96b15d988f138ab6%3AT%3D1675434497%3AS%3DALNI_MY5i5pdtOadiGDp8pD5lKJmQrqKQA&gpic=UID%3D00000bae5834d6da%3AT%3D1675434497%3ART%3D1675434497%3AS%3DALNI_Mb0JKzLvygAklsLkkZWRCydBB3YPg&abxe=1&dt=1675434497938&lmt=1669217203&dlt=1675434496053&idt=1382&adxs=436&adys=993&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1232628591.1675434496&ga_sid=1675434497&ga_hid=988864285&ga_fc=true

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b53e9054fc41cf6f2c14b2a2abb0456db0c7dab4dbef784b59b5b4f850cc175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12174
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 559ms
559ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425517384572797&correlator=865385981080768&eid=31072040%2C31072119%2C31072166%2C31070233&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370bb889c301e8e7ad53d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C970x250&ifi=3&adks=1730059992&didk=632355589&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D637370bb889c301e8e7ad53d-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3Dc33dafe6-v7.17.0_fo%26pg_ld_id%3D5a0df87cf8b4e218d61c29a48bd4038b%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370bb889c301e8e7ad53d%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dbfe149e95c378a639a174dd11d353aea%26bf_br%3D18200000%26af_im%3D18200000&sc=1&cookie=ID%3D96b15d988f138ab6%3AT%3D1675434497%3AS%3DALNI_MY5i5pdtOadiGDp8pD5lKJmQrqKQA&gpic=UID%3D00000bae5834d6da%3AT%3D1675434497%3ART%3D1675434497%3AS%3DALNI_Mb0JKzLvygAklsLkkZWRCydBB3YPg&abxe=1&dt=1675434497954&lmt=1669217203&dlt=1675434496053&idt=1382&adxs=436&adys=263&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1232628591.1675434496&ga_sid=1675434497&ga_hid=988864285&ga_fc=true

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d70386b587907bce6f2c85efe9f689be5d253d9859dae2cb8857fe8bf8c8f545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12390
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 773ms
772ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425517384572797&correlator=865385981080768&eid=31072040%2C31072119%2C31072166%2C31070233&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373734998fb531abee85aca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=4&adks=395328344&didk=1786973171&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D6373734998fb531abee85aca-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3Dc33dafe6-v7.17.0_fo%26pg_ld_id%3D5a0df87cf8b4e218d61c29a48bd4038b%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373734998fb531abee85aca%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D160x600%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dbfe149e95c378a639a174dd11d353aea%26st_ty%3Dvert%26bf_br%3D18200000%26af_im%3D18200000&sc=1&cookie=ID%3D96b15d988f138ab6%3AT%3D1675434497%3AS%3DALNI_MY5i5pdtOadiGDp8pD5lKJmQrqKQA&gpic=UID%3D00000bae5834d6da%3AT%3D1675434497%3ART%3D1675434497%3AS%3DALNI_Mb0JKzLvygAklsLkkZWRCydBB3YPg&abxe=1&dt=1675434497996&lmt=1669217203&dlt=1675434496053&idt=1382&adxs=45&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=160x270&msz=160x250&fws=4&ohw=160&ga_vid=1232628591.1675434496&ga_sid=1675434497&ga_hid=988864285&ga_fc=true

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a4efdaa8b880e312f811ecc09b35d0951059cea3bdcd152f3a3552f95eeb7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12345
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
feed.avplayer.com/backend/ 4 KB
972 B 164ms
22ms XHR
application/json 2a02:26f0:3500:c::5c7b:6822
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.avplayer.com/backend/get?cmsType=playlist&id=636a37af05e5617b262a5a52&AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy / PHP/8.1.13

Resource Hash

ece97dcb86db8e45d313350cc31e5eccfe641c9b46787f5a20038f5bceb01f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
x-powered-by: PHP/8.1.13
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-envoy-upstream-service-time: 19
content-length: 713
expires: Fri, 03 Feb 2023 15:28:18 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 139ms
28ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJLQ9J4GEogBCiQwMzJkYTRkMC0xZDAxLTRmZjEtYmY3YS1hZWVmMjM4Yjk5ZTgQkNjW+Kvg/AIaBgiCtPSeBiINMjE3LjY0LjE1MS4yOSiqoAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGJkODg4YzJlLTMxMDgtNDhmMC1hYjA0LTAxOGVhNDBkNWIzYxiO3wMiGAgCEhRjZHMwNDMubG80Lmh3Y2RuLm5ldA==.ZIxNaw+jKiLbpxnwUN+aT9QEfaxK9wOlkGh2NGxDzEA=
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "1646327924"
vary: X-Goog-Allowed-Resources
x-hw: 1675434498.dop030.lo4.t,1675434498.cds034.lo4.hn,1675434498.cds043.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 61326

GET
H2 200 track
track1.aniview.com/ 0
71 B 533ms
102ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1675434498010&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=IntentIQ&d66=7&e=playerLoaded&cpid=636a37af05e5617b262a5a52&str=viewable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 34EB 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nfMImA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
71 B 374ms
99ms Image
text/plain 54.80.246.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cpll&cb=1675434498244
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.246.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-246-179.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 206 video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 457 KB
0 65ms
31ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=632075b70fa709288815ba86&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.file.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
x-guploader-uploadid: ADPycdszYUNLsfuel9FgukK-XaOXQSmVxYxJ6jPs2eLcVO6_OttVnsDLyUJNH3hZHgVWaLw_RJU4L9NIJzH__VPBWZxirYbOqT5c
x-goog-storage-class: STANDARD
Content-Range: bytes 0-13496023/13496024
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 13496024
x-sp-metadata: HS256.CJLQ9J4GEogBCiQ1YTUyNTU1Ni02YWFjLTQ5ODctOWI4NS0wNTZhM2U4NzM1MGEQuNb12vfT/AIaBgiCtPSeBiINMjE3LjY0LjE1MS4yOSiqoAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRotCAESJDhjNDY1NmI0LTc4NjEtNGI5NC04Yzc2LTFkNGJhOWE2MWJlNRjY3bcGIhgIAhIUY2RzMDg5LmxvNC5od2Nkbi5uZXQ=.DClRjCHqjcwhC8qjyUfRckjAq8FOed62QCfSeo7WhBY=
last-modified: Tue, 19 Apr 2022 15:55:06 GMT
server: UploadServer
etag: "5988954ac663c7a7640a82f507517315"
x-goog-generation: 1650383706252946
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1675434498.dop030.lo4.t,1675434498.cds034.lo4.hn,1675434498.cds089.lo4.c
x-goog-stored-content-length: 13496024
accept-ranges: bytes

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame A42B 440 KB
119 KB 74ms
21ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 99e8be242d57a54072d21b9a2f84379a7f1a9e6fc4e1661e83e2cc80725e7cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJLQ9J4GEogBCiRhYTZiMWI4Yy0wYmJjLTRhYWUtOGJmMi05MTczZjZhOWVjYTUQyIKixK/g/AIaBgiCtPSeBiINMjE3LjY0LjE1MS4yOSio5gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDA5NTlkZDY5LTNlNjktNDU0ZS04MzQ5LTAzMmU5OWMyZWQ4MxijsgciGAgCEhRjZHMyNzQubG80Lmh3Y2RuLm5ldA==.qT8AZQHjCy2NTnddV5lp+3ASsidqW5VobPrukb63qo4=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675434498.dop262.lo4.t,1675434498.cds288.lo4.hn,1675434498.cds274.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 121123

GET
H2 200 container.html Show response
79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9418 6 KB
3 KB 21ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:17 GMT
expires: Sat, 03 Feb 2024 14:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 92 KB
92 KB 93ms
92ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=632075b70fa709288815ba86&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: f6e71eeef1e40c63b69666f9d805758869d464935777c2e56ee6f90ee3b8b1fb

Request headers

Referer: https://www.file.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=13402112-

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
x-guploader-uploadid: ADPycdszYUNLsfuel9FgukK-XaOXQSmVxYxJ6jPs2eLcVO6_OttVnsDLyUJNH3hZHgVWaLw_RJU4L9NIJzH__VPBWZxirYbOqT5c
x-goog-storage-class: STANDARD
Content-Range: bytes 13402112-13496023/13496024
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 93912
x-sp-metadata: HS256.CJLQ9J4GEogBCiQyMGNiN2JjMS1lMWUyLTRjMWEtYTdjNC03MzQwYjZmYTcwNzUQuNb12vfT/AIaBgiCtPSeBiINMjE3LjY0LjE1MS4yOSiqoAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRotCAESJDM4ZTdlNGI4LTY0MmItNDY2Yy05NjZlLWI0MzU5ODMwNjg5ZRjY3bcGIhgIAhIUY2RzMDg5LmxvNC5od2Nkbi5uZXQ=.vHUw/d17En6c425k9/cEyTiaD9m3b9jMITO+8u8hcXQ=
last-modified: Tue, 19 Apr 2022 15:55:06 GMT
server: UploadServer
etag: "5988954ac663c7a7640a82f507517315"
x-goog-generation: 1650383706252946
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1675434498.dop030.lo4.t,1675434498.cds034.lo4.hn,1675434498.cds089.lo4.c
x-goog-stored-content-length: 13496024
accept-ranges: bytes

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9418 0
0 77ms
77ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSo4WAhrdY8dd-MPv9Q_Us7CwDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTc4MTUzMTIwNzUwOTIzMsgBCakCDqjL0mBHsj7gAgCoAwGqBJMCT9CIUi2zR8dBs-nbw596L7DV9RomAgJC6hg0bhk0wGAKOasK9jYrMrseh5Ar9QZ3sFZZJomAb1douBgzS6yjOJWMPFDjLaihk5NZwBjB9V4YVYECpcXeQ3PbRVjqFArjyEddea886D9ddTp8xsnKnJhkc-bhalh3ExafvTjce6KBilc4SNryZoJAdT9sJX4L2zSBZ4u9uA_6UjWzZhcjx0ZLYaGvzODTISczXwSQgSRT2Oe0ZqYcj5dQ0nCM8pwxlLMMLO4tJ2iTe4y2GowuPpFf__HIa-TeveR-gPyN5eZCHuJM0IT2NFr66bs6mzznlyf8a4K4R7fXJvcOUF1B4XTZ9p0Vum-RtOCXbhb95Ib3cQDgBAGABpr_i5Gg7I_vwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU3ODE1MzEyMDc1MDkyMzIY57Zt&sigh=gGb5JjQZRXk&uach_m=[UACH]&cid=CAQSPADUE5ymP5JCTFZjNl0Lp_a2AXVKXNchNyPWoIR0XPrWaPYrRoC4mkbmytW1skkBX6kgB2HADJjUWiykmBgB
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 9418 0
0 122ms
21ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kISxEvXJVcoH-gGdg2ICAgAAAIqFfbLnKgfkEAEa3WMeYnl3v2qMZy_dUwASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y90aAgAALscIu-H4AAwZ1JXKJXLc6OGaeRx_cg

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 223536
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 47CF 51 KB
20 KB 113ms
59ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAALscIu-H4AAwZ1JXKJXLc6OGaeRx_cg&u=%7CwGbAbjAltplE8ACHz2cbnDlT7DWQ8B98Q5NCnr2V3Gg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTMFRL-I4lOsZY7L7jSxM1rrwEXKhEWVcHBPNgFNXC0gpAWPgFBiD6h0S7dEZsfOeI-Y8vuJHZ-l6QQ5sQpOuWjc1IRtE0j_MDMd9acTVfdcWfOtuvms9x1B9z1gEZQct1wpMFCEBgo9KmaZMyMrz_c6FUeXOf1jZMTuMtbXBE8G7fttOdk8Hn5BrcHUHTcYqHXsEss49dL5flOtglY1DRDLkAV183vnrk-fs-wGDquSdHsvsEqqbMfFOSBzC21g16tFlblpbTcEmyvllOKkB0moQxdXFM_3v3cP2iSH6EdhpZgpHmUH_uL72kLHr2_n3GjYlFOgona8Fk3yZftB2siSJb8eDQsGOxxxyEAo8ZkuNYkVbJpbVxddNqhqAMERFMi8mAvd1-0dbEVHyLFyCn4UIELXPzJLpEzzlhbX0nM2KTJL2yuAmUczqw9x7bKd4PqhpNMrRQpjuL4xVCuGdNL_C1nLrBAUVL8VKKwB6m_L8mF34I6gw57v0VTtPJOvwj15pqhGzLJDU5_WAHCj8SYoAJpk2A-iEj83QOdnv9dn6I9L6v7G10A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcQfAhrdY8dd-MPv9Q_Us7CwDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTc4MTUzMTIwNzUwOTIzMsgBCakCDqjL0mBHsj7gAgCoAwGqBJYCT9CIUi2zR8dBs-nbw596L7DV9RomAgJC6hg0bhk0wGAKOasK9jYrMrseh5Ar9QZ3sFZZJomAb1douBgzS6yjOJWMPFDjLaihk5NZwBjB9V4YVYECpcXeQ3PbRVjqFArjyEddea886D9ddTp8xsnKnJhkc-bhalh3ExafvTjce6KBilc4SNryZoJAdT9sJX4L2zSBZ4u9uA_6UjWzZhcjx0ZLYaGvzODTISczXwSQgSRT2Oe0ZqYcj5dQ0nCM8pwxlLMMLO4tJ2iTe4y2GowuPpFf__HIa-TeveR-gPyN5eZCHuJM0IT2NFr66bs62T7GBaBz95EH26N09sqoqFRV68LT2IWXDqesEhIocDrlYSxzYr_rmWHgBAGABpr_i5Gg7I_vwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25gQfzC9YqSK8MbypbHPLrjn8rJQ%26client%3Dca-pub-5781531207509232%26adurl%3D

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2d8ae33ebd033b0dcf48615e2d42c0f7df2b233bb4d657b43500a5889aece575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:18 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hXCG4tzZ7gJ8V4nEYD_iEZWyJ0cXLvGpJ1y4ieyIhQ6MHvh1RPWOpVCAJraRe97nlklZ_mwUyWnRILt3Paj_yFN9woTATmC2CbgQqRqV2etrxOzOSvKovjM6CHAnhoU_y-s5p4VTYkFdMZXWjo5lzgUZJwOZFNXAVZyNm3yX4EmNgasRUJ3Vq82L5acndPdU1mgc21CiW-dThsWkmT0NShmTFhDe7Rn2kJVDnUipDveh8RdxN0Ups-uhNLZtHcb8aEqIeg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5814621
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9418 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 06:54:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 38CE 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9418 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:19:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9418 0
0 19ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQe9vbBVuf1h6-PiHARRPrFrK_zAQVQ3VF4_G5ycCDmfjnwYL3eMkuydy61JnlE7agpl6wKSUhJ1C0BZqwUlKQk4JQtnQ
Requested by: Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9418 24 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 11:22:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9418 157 KB
49 KB 192ms
100ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 14:28:18 GMT

GET
H3 200 container.html Show response
79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E72F 6 KB
3 KB 27ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:17 GMT
expires: Sat, 03 Feb 2024 14:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 31 KB
5 KB 444ms
156ms XHR
application/json 52.0.141.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=827e435f1885fda0d7e5406bb05085db&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_VIDEOURL=https%3A%2F%2Fcontent1.avplayer.com%2F6006a32f94a1ea4fe84a39a6%2Fvideos%2F625edad12c2bbd0fa201f6f6%2F625edb3e2d0dea26100d8f63%2Fvideo.mp4%3FAV_TAGID&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&d36=6.2.79&responsive=1&sver=4&avtoken=498734&omv=1.0.1&AV_D65=IntentIQ&clsid=f9ac5274-7646-481d-9bd7-db01d0f560f7&rando=64&AV_WIDTH=440&AV_HEIGHT=247&AV_DNT=0&cb=1675434498739&wfc=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.141.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-141-180.compute-1.amazonaws.com
Software: /
Resource Hash: bf4c662b079858253075b267c8cb03ceae688ab59c92f77ba57c6280f48a9b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://www.file.io
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Mon, 23 Jan 2023 00:41:39 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.file.io&sn=&ic=0&tgt=0&app=&wi=440&he=247&test=&d36=6.2.79&apppkg=&fv=1&proto=https&d65=IntentIQ&clsid=f9ac5274-7646-481d-9bd7-db01d0f560f7&rando=64&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&e=inventory&vi=100&cb=1675434498737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 47CF 2 KB
1 KB 57ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAALscIu-H4AAwZ1JXKJXLc6OGaeRx_cg&u=%7CwGbAbjAltplE8ACHz2cbnDlT7DWQ8B98Q5NCnr2V3Gg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTMFRL-I4lOsZY7L7jSxM1rrwEXKhEWVcHBPNgFNXC0gpAWPgFBiD6h0S7dEZsfOeI-Y8vuJHZ-l6QQ5sQpOuWjc1IRtE0j_MDMd9acTVfdcWfOtuvms9x1B9z1gEZQct1wpMFCEBgo9KmaZMyMrz_c6FUeXOf1jZMTuMtbXBE8G7fttOdk8Hn5BrcHUHTcYqHXsEss49dL5flOtglY1DRDLkAV183vnrk-fs-wGDquSdHsvsEqqbMfFOSBzC21g16tFlblpbTcEmyvllOKkB0moQxdXFM_3v3cP2iSH6EdhpZgpHmUH_uL72kLHr2_n3GjYlFOgona8Fk3yZftB2siSJb8eDQsGOxxxyEAo8ZkuNYkVbJpbVxddNqhqAMERFMi8mAvd1-0dbEVHyLFyCn4UIELXPzJLpEzzlhbX0nM2KTJL2yuAmUczqw9x7bKd4PqhpNMrRQpjuL4xVCuGdNL_C1nLrBAUVL8VKKwB6m_L8mF34I6gw57v0VTtPJOvwj15pqhGzLJDU5_WAHCj8SYoAJpk2A-iEj83QOdnv9dn6I9L6v7G10A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqcQfAhrdY8dd-MPv9Q_Us7CwDcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTc4MTUzMTIwNzUwOTIzMsgBCakCDqjL0mBHsj7gAgCoAwGqBJYCT9CIUi2zR8dBs-nbw596L7DV9RomAgJC6hg0bhk0wGAKOasK9jYrMrseh5Ar9QZ3sFZZJomAb1douBgzS6yjOJWMPFDjLaihk5NZwBjB9V4YVYECpcXeQ3PbRVjqFArjyEddea886D9ddTp8xsnKnJhkc-bhalh3ExafvTjce6KBilc4SNryZoJAdT9sJX4L2zSBZ4u9uA_6UjWzZhcjx0ZLYaGvzODTISczXwSQgSRT2Oe0ZqYcj5dQ0nCM8pwxlLMMLO4tJ2iTe4y2GowuPpFf__HIa-TeveR-gPyN5eZCHuJM0IT2NFr66bs62T7GBaBz95EH26N09sqoqFRV68LT2IWXDqesEhIocDrlYSxzYr_rmWHgBAGABpr_i5Gg7I_vwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25gQfzC9YqSK8MbypbHPLrjn8rJQ%26client%3Dca-pub-5781531207509232%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:18 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 47CF 2 KB
1 KB 59ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:18 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 47CF 308 B
636 B 19ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 29 Jan 2024 14:28:18 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 47CF 293 B
621 B 66ms
61ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 29 Jan 2024 14:28:18 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 47CF 43 B
348 B 86ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f0Zu1kWNvEc4YglhsJ38NXTQqvUUbg-cpl08HnHknmeQOAmcvlYnCPxeqBuP-v70aqPNuvfNvifGoKKxbVVNIM4IvVSczmLm_V_NnXjbRhD5xnTZka73R_oKP4CXSqH0vqrhsPFxhEOjX25DSGSiiS0rHliupKYt36HSalIyl-iUT-o5mF0iI6Mfu4Udh2hAN0CBKag2zEZPicmzSkuwlrST18BFKuhJPNDoHxnjX2p9eqWV_ezMRTVEUaVpoR8EsGmUOU3x_xdmx6TwMz0dnSbcyFvh4szr1yTkbAY1hQi8Cz7-CUy9RwtHxCHusPOH9O5vrlJQmcTmeyvd3m18m0XqEiS_cg9UCQgfFOMX8EhoxvaqJGyxnZKXaN3TQEKQZCSS6_JTXFnwfQ1_-2ghEQGg_OZ0xSCpP2flOvWvwV9LmwYq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3422573
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 abdb4c698de340a380660259f34617ac_image_ad_970x250.jpeg
static.criteo.net/design/dt/93397/230201/ Frame 47CF 132 KB
132 KB 24ms
21ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/93397/230201/abdb4c698de340a380660259f34617ac_image_ad_970x250.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6e775498b282d2c0e5eb4ff9bcdf667699071e47055955b989fa6e79a0fa444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 01 Feb 2023 17:17:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63da9e91-20fd6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 135126
expires: Mon, 29 Jan 2024 14:28:18 GMT

GET
H3 200 container.html Show response
79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E79F 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:17 GMT
expires: Sat, 03 Feb 2024 14:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E72F 0
0 63ms
61ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAAnSAhrdY7rQD6289u8Px_uu-ALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAtSmKH7oSLI-4AIAqAMBqgSTAk_Qd9OZ0leYJr018LSV-TTJZcEqZ3CtD6GErBI56NLkOtlOaXVn2CO-sOGpkkEZeMPSClfOVHSU2nEWTVx8oiA7HF7DVrYg8ulTNpRMm9qIJLNDuklgYf0RpEsVBMgZkKbWJkdcoIQM8lj7_NOdX8og0mE5G-q_TH1IOP4ZyR69zVJvlCVI_ADFXcFkaCzUFU12dMFOhRY6dCx-LxDuE2OIdqo5cwJoxpYMYfqzHVNEesIcmfZqfpJAoFkxhIyTCH8GUdBvnHDzg58Twv7pqaF2IuadwXRKYKC_mIhwkm7r1ZKdFyDim-6hj9GApjxNQUQHpejsQagOEISVgfG1oLEp2F2LlzIAliafj-pF4YzuKNLM4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=-3D8ZUfaRLE&uach_m=[UACH]&cid=CAQSPADUE5ymlomEwGN7BNtmves1grFGDzj0xGAc-ulRNMhK2p7VeWH-05IU_x1rl_r6xxuigKDvSRctjq-g2xgB
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame E72F 0
0 95ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kISxEvXJVcoH-gGdg2ICAgAAAIqFfbLnKgfkEAIa3WO3vaOLa5eBu5Xf3QASAAAKDkFRVUJBZ1lEQWdFQkFn&wp=Y90aAgAD6DoH_Z4tAAu9x3gleV5kgnWXJAympg

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 276313
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CE92 49 KB
19 KB 39ms
34ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAD6DoH_Z4tAAu9x3gleV5kgnWXJAympg&u=%7CwGbAbjAltpl%2F9jx19NHvr42mjOoM9SVHhVIu%2BpIXiK8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTMFRL-I4lOsZY7L7jSxM1pQ2wA9Pf0Dtk6TQCdSSsfE-zKVBj36NnB8lFdUr7rWkN-V1ccNCRNlK-fGpLZSldZnlAXdyFWq4MjfienmgmMKkMmuJFKzIcAMTdTBTjaBlcu2OR1V_PYlKcQHxUa_wd0wzDe77ZuEqYnNr11QXnWf1SuKF7javHXlDTIIdUBcqU0KjUwT1UVixUBOkos_63zrXfTb28PJpBoTP8jc9qqoN1qxNhot6FKvVsAMVgfygquIfwhe4u_C1_ZkiDbMF01VWrPInSVT-SvkQIAo0Zw8OI8XRw1mM2AlZU_WCnqxjrC1J78mn2ci5A6G9Us8Ne13dpDxh9zLBL53sDDrG-91VubuYonzu6HC6HPOWMCVEYUOncWC4Ji4VblSOEBVmJhADiVa3ek2q7s1ueFhLiRpKNv1Bjb_1iIn7bpLT-ebiVx0rrSFLbixiVcfUQBo4_klr8ITRpHjRF3QV64jvBug9ulk0f9DPlY8UqPn5vDlma7af5Eu6kxckf4Xm_acVz55WpYDFqcwy6VRdr_d85IV8gZVuWnZS_E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1aMKAhrdY7rQD6289u8Px_uu-ALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAtSmKH7oSLI-4AIAqAMBqgSWAk_Qd9OZ0leYJr018LSV-TTJZcEqZ3CtD6GErBI56NLkOtlOaXVn2CO-sOGpkkEZeMPSClfOVHSU2nEWTVx8oiA7HF7DVrYg8ulTNpRMm9qIJLNDuklgYf0RpEsVBMgZkKbWJkdcoIQM8lj7_NOdX8og0mE5G-q_TH1IOP4ZyR69zVJvlCVI_ADFXcFkaCzUFU12dMFOhRY6dCx-LxDuE2OIdqo5cwJoxpYMYfqzHVNEesIcmfZqfpJAoFkxhIyTCH8GUdBvnHDzg58Twv7pqaF2IuadwXRKYKC_mIhwkm7r1ZKdFyDim-6hj9GApn5PYNaAKnT__jQas1SoJwm8tLuf0nOTFYbIq4BtMPRp-QlErMFzQCga4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ANJR96T92Oxg-xKqn1TsslpzQvQ%26client%3Dca-pub-5781531207509232%26adurl%3D

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26d76d334335bbbbdf7aac29dddb1ced896c6aeb4b7db0826926fae6e8e5922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aLsvSdzZ7gJ8V4nEzZCi6_BhnWK1MEXQz-SGkNH23BSmv2H9pfPxWMn2-DCw0Eiae2CDmHS_UfJUD0DKM7A88ibeaDLrp0WYBkFQDUrDpmfwkicbXcKcAU_HIgvrbOxxECxXMoE2GF8u-JG-9iRYwDmMnmaFtgeitAa9WDHrvzXUGn2U4cxMzZZWUeFxf_Nq1qUi8m7B31ktszu8vPW0zOvmRwvqTGk4WSsUFY_pDF99KOIW08dyrtueqBShsNwnKV8Gqg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3884954
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E72F 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 06:54:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1303 1 KB
643 B 16ms
11ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E72F 18 KB
7 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:19:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E72F 0
0 24ms
19ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ76wrc2knSWw8nj0xI98gFlYgpnV9FO-dEuUbv6U2nEpRVOoO5CW2FDY1iOtcQFJF5ZwO_vU93BhIrwtL6zmnjhuYrTA
Requested by: Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E72F 24 KB
6 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 11:22:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E72F 157 KB
48 KB 146ms
142ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 14:28:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38CE
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDxufTr3LvfAiMUwDGTI_EQ&google_cver=1&google_push=Aa02lx_w8Lhoc4NyegTZBQm6-mNPEEuFzQ8Dnx_-MjuJunW4fP44OuR7Ey8Bw2zt7GOVgW3NQdNuC...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx_w8Lhoc4NyegTZBQm6-mNPEEuFzQ8Dnx_-MjuJunW4fP44OuR7Ey8Bw2zt7GOVgW3NQdNuCQZdkEeUBE-viPDW2mnXbzFz

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx_w8Lhoc4NyegTZBQm6-mNPEEuFzQ8Dnx_-MjuJunW4fP44OuR7Ey8Bw2zt7GOVgW3NQdNuCQZdkEeUBE-viPDW2mnXbzFz

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 14:28:18 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D0DEF4DE14604E11B8F032F5B0C1C5CB Ref B: FRAEDGE1522 Ref C: 2023-02-03T14:28:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx_w8Lhoc4NyegTZBQm6-mNPEEuFzQ8Dnx_-MjuJunW4fP44OuR7Ey8Bw2zt7GOVgW3NQdNuCQZdkEeUBE-viPDW2mnXbzFz
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzzH4pJxL8j/K7PK1DRw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38CE
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGvo0r6LkXR6FuvqM8MlQ7g&google_cver=1&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTESWcjwH-...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGvo0r6LkXR6FuvqM8MlQ7g&google_cver=1&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTES...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4393a371-46df-4df8-a28a-b8d3700bb928
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4393a371-46df-4df8-a28a-b8d3700bb928
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=df1bfa22-4508-4f83-a1ce-66f6c6805d7b&user_group=1&ssp=google&bsw_param=4393a371-46df-4df8-a28a-b8d3700bb928
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTESWcjwH-5DasrslSDg&google_hm=Q5OjcUbfTfiiirjTcAu5KA==

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTESWcjwH-5DasrslSDg&google_hm=Q5OjcUbfTfiiirjTcAu5KA==

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-tqV3foFdRY6P-S11MP4rOw9trDVRa0F24ewdD_pPWxGEoVq_N3HXPujUiq_P3AKMlq64fyu93FRsTESWcjwH-5DasrslSDg&google_hm=Q5OjcUbfTfiiirjTcAu5KA==
date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38CE
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEB69kXD0Mg9S22YJ_gUX-BQ&google_cver=1&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa6UwTZYx...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEB69kXD0Mg9S22YJ_gUX-BQ&google_cver=1&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa6...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K3IEIGRBRMW5BW-ekrD8Ng&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa...

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K3IEIGRBRMW5BW-ekrD8Ng&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa6UwTZYxFRbLrH

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=K3IEIGRBRMW5BW-ekrD8Ng&google_push=Aa02lx_Rpk78H0WU9XEhzncV8mtK3n1oJiUlcDp6zcbXjeM0Tu2rwmlzoyuzQrS6CUcI8NARPVqjrfeHj3iBRaa6UwTZYxFRbLrH
access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:19 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38CE
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECKT7utaY-RNcv3U3GN_XSE&google_cver=1&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIxGFo4_52ngo1bZa4FSNwUKaGYK2DsDWBVyd...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIxGFo4_52ngo1bZa4FSNwUKaGYK2DsDWBVyd8...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI2NTczNDc0MzQyNzQ4MTU4NDYy&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIx...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI2NTczNDc0MzQyNzQ4MTU4NDYy&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIxGFo4_52ngo1bZa4FSNwUKaGYK2DsDWBVyd8rKA

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI2NTczNDc0MzQyNzQ4MTU4NDYy&google_push=Aa02lx8rZSl6JbOwjlm9BfkA8-FL73e8b6CV4R9aszUqvss9cVdIbKfnx7vzsYIxGFo4_52ngo1bZa4FSNwUKaGYK2DsDWBVyd8rKA
date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38CE
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEDLDxdCGMjxul3XkNBFL2aw&google_cver=1&google_push=Aa02lx86MuXpMeentoh0LL9NY-Qsu23p54SioW1RVWVTi_6xWDcswIIxC76BuuhEnOESUrEH_N1gRG-kmh9QeWK1cbF2hpk3c...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx86MuXpMeentoh0LL9NY-Qsu23...

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx86MuXpMeentoh0LL9NY-Qsu23p54SioW1RVWVTi_6xWDcswIIxC76BuuhEnOESUrEH_N1gRG-kmh9QeWK1cbF2hpk3cyRLPg&gdpr=&gdpr_consent=

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx86MuXpMeentoh0LL9NY-Qsu23p54SioW1RVWVTi_6xWDcswIIxC76BuuhEnOESUrEH_N1gRG-kmh9QeWK1cbF2hpk3cyRLPg&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Fri, 03 Feb 2023 14:28:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38CE
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMOcZ_EIB9K3QBO03S-KK8k&google_cver=1&google_push=Aa02lx99Xo8miLlSJxA53t_c2XLghTHfsc_TfrdAZ-YAI3_SN4rItRmcDq93Vfv4wJAOyX7IfMDOf...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx99Xo8miLlSJxA53t_c2XLghTHfsc_TfrdAZ-YAI3_SN4rItRmcDq93Vfv4wJAOyX7IfMDOfjadfOB4SDK0X5AHuYR2KRLubg&google_hm=WTkwYUE4Q...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx99Xo8miLlSJxA53t_c2XLghTHfsc_TfrdAZ-YAI3_SN4rItRmcDq93Vfv4wJAOyX7IfMDOfjadfOB4SDK0X5AHuYR2KRLubg&google_hm=WTkwYUE4Q284WHNBQUhJdkloUUFBQUFB

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 03 Feb 2023 14:28:19 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEMOcZ_EIB9K3QBO03S-KK8k&google_push=Aa02lx99Xo8miLlSJxA53t_c2XLghTHfsc_TfrdAZ-YAI3_SN4rItRmcDq93Vfv4wJAOyX7IfMDOfjadfOB4SDK0X5AHuYR2KRLubg&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y90aA8Co8XsAAHIvIhQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad377"}
X-SO-Key: Y90aA8Co8XsAAHIvIhQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad377
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx99Xo8miLlSJxA53t_c2XLghTHfsc_TfrdAZ-YAI3_SN4rItRmcDq93Vfv4wJAOyX7IfMDOfjadfOB4SDK0X5AHuYR2KRLubg&google_hm=WTkwYUE4Q284WHNBQUhJdkloUUFBQUFB
Cache-Control: private
X-SO-HostName: m-ad377.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng23.dc4p.scaleout.jp
X-SO-IP: 217.64.151.29

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 38CE
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEHEHikCNfll9gmaG8wCO-SA&google_cver=1&google_push=Aa02lx--svtAF9gEqD2zAIxQoSPf48TmiAFB2EP1ZkuUwv8e_mkWI3D44dS7Tuj2Mrn40DZge7tpN_ARtUwQVKJR1uRaAH2vEey-NyI
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZTMxZTRkMTMtOTgzMS00Y2U5LWI5NjItMTdjNzRhOGNhOWEx&google_push=Aa02lx--svtAF9gEqD2zAIxQoSPf48TmiAFB2EP1ZkuUwv8e_mkWI3D44dS7Tuj2Mrn40DZ...

170 B
329 B

16ms
15ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZTMxZTRkMTMtOTgzMS00Y2U5LWI5NjItMTdjNzRhOGNhOWEx&google_push=Aa02lx--svtAF9gEqD2zAIxQoSPf48TmiAFB2EP1ZkuUwv8e_mkWI3D44dS7Tuj2Mrn40DZge7tpN_ARtUwQVKJR1uRaAH2vEey-NyI

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZTMxZTRkMTMtOTgzMS00Y2U5LWI5NjItMTdjNzRhOGNhOWEx&google_push=Aa02lx--svtAF9gEqD2zAIxQoSPf48TmiAFB2EP1ZkuUwv8e_mkWI3D44dS7Tuj2Mrn40DZge7tpN_ARtUwQVKJR1uRaAH2vEey-NyI
date: Fri, 03 Feb 2023 14:28:18 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 38CE 0
139 B 61ms
13ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKueREDYkvMTZalHUtmuJbKtaVHbPbZsaqiIxHxoMTY9GiFu1v9DSuYBqgJHWFThaSPHa5ZA

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020201&jk=425517384572797&bg=!a2ilaCzNAAaq5O5FiuQ7ACkAdvg8WlmjRlvL_PQk4l8OiSjNbG5rR7A5IJ45vO1Zt-PejezaonpPFgIAAAExUgAAAAhoAQcKAAnYpyqkZicEUmqZAo91PgBpgy7H0RUn7IBfeSS-58P02A9DckycZ_qE1fImoDoXT-jJH0TY9EO0M8I2HvagFYsZGUfNzsk7Zf8ahxujLQZ-LD6baPgOkyZHTO_fgyfoacq4a7t9Kwv58_5jcNvm7VuD4ZTh1e-3FMOQf3Bz6ZkC9Lz8aAEKzlkNNeeT8i8eCPwKt7kEIASVc_g-teneZN_x6k6Xn4FLMIRSB-496eQ3ZtQ8Jwt9GbW4VsKlh0koSVnj4-WerrNgdQ_NeUDjq2N6aINtt_8HyPXluidRd7-eSpwyuxQbXByhUwca7vbMRHcvQ08Hf1aMfOKbXkVgMvANXtUwsaZu9apYveVXhWXMgc49XEO6aOeW7mtnoOpY5CuLUSYS5ALg0fgWSHl_doCMrRJMIyZhCubB966TaQjRGaz6slqIvDcqb4bvjq7nswLMVnXL9AjNMzuld2GDJ7d9IUVXehWBw_Mr9CHjQVNQ6NSzGYDJ0dmYwcD42m-CtLgJPfMoEU2FiFuexJvaugKzznh61Na5_Hd8YeXp3XViDUzjOXRGUwrh7YYJK3sQSeD69VHyKv6ngG0ph8A9sSFmeAAhEl1ObQNrwlDGPKab0u5hMal48EI_DESzxjrbFyqx_CUiKUtMYIcSZqDG8PKnrOnb8PMbyjbCe7vKROqZ47PAdBUjgKJZiXqHMLRFF-i9K9CA60Nsbkqo0JYCf2_MEBdj3gnA9VneaatJV8ut5Our0D2jiwRAk4V8RgUkUb0aeXMvuEFJo1ZqrEWRHBsG7V4BPz4xia3yELBVHON-7OmiKD6qUZ4RnYnLAyD_RJ30iI047B1GAk98ApXhZ35mt2ueGhOlIt-WsR5M5s-CI1KmlAcU01YKFRz4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 47CF 0
128 B 304ms
20ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=hXCG4tzZ7gJ8V4nEYD_iEZWyJ0cXLvGpJ1y4ieyIhQ6MHvh1RPWOpVCAJraRe97nlklZ_mwUyWnRILt3Paj_yFN9woTATmC2CbgQqRqV2etrxOzOSvKovjM6CHAnhoU_y-s5p4VTYkFdMZXWjo5lzgUZJwOZFNXAVZyNm3yX4EmNgasRUJ3Vq82L5acndPdU1mgc21CiW-dThsWkmT0NShmTFhDe7Rn2kJVDnUipDveh8RdxN0Ups-uhNLZtHcb8aEqIeg&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 47CF 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:18 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 47CF 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:18 GMT

GET
DATA 200
OK truncated
/ Frame 9418 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82803594801967030bc695210eab72b6351d3143942bcde117ae256a513d4f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CE92 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAD6DoH_Z4tAAu9x3gleV5kgnWXJAympg&u=%7CwGbAbjAltpl%2F9jx19NHvr42mjOoM9SVHhVIu%2BpIXiK8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTMFRL-I4lOsZY7L7jSxM1pQ2wA9Pf0Dtk6TQCdSSsfE-zKVBj36NnB8lFdUr7rWkN-V1ccNCRNlK-fGpLZSldZnlAXdyFWq4MjfienmgmMKkMmuJFKzIcAMTdTBTjaBlcu2OR1V_PYlKcQHxUa_wd0wzDe77ZuEqYnNr11QXnWf1SuKF7javHXlDTIIdUBcqU0KjUwT1UVixUBOkos_63zrXfTb28PJpBoTP8jc9qqoN1qxNhot6FKvVsAMVgfygquIfwhe4u_C1_ZkiDbMF01VWrPInSVT-SvkQIAo0Zw8OI8XRw1mM2AlZU_WCnqxjrC1J78mn2ci5A6G9Us8Ne13dpDxh9zLBL53sDDrG-91VubuYonzu6HC6HPOWMCVEYUOncWC4Ji4VblSOEBVmJhADiVa3ek2q7s1ueFhLiRpKNv1Bjb_1iIn7bpLT-ebiVx0rrSFLbixiVcfUQBo4_klr8ITRpHjRF3QV64jvBug9ulk0f9DPlY8UqPn5vDlma7af5Eu6kxckf4Xm_acVz55WpYDFqcwy6VRdr_d85IV8gZVuWnZS_E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1aMKAhrdY7rQD6289u8Px_uu-ALJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAtSmKH7oSLI-4AIAqAMBqgSWAk_Qd9OZ0leYJr018LSV-TTJZcEqZ3CtD6GErBI56NLkOtlOaXVn2CO-sOGpkkEZeMPSClfOVHSU2nEWTVx8oiA7HF7DVrYg8ulTNpRMm9qIJLNDuklgYf0RpEsVBMgZkKbWJkdcoIQM8lj7_NOdX8og0mE5G-q_TH1IOP4ZyR69zVJvlCVI_ADFXcFkaCzUFU12dMFOhRY6dCx-LxDuE2OIdqo5cwJoxpYMYfqzHVNEesIcmfZqfpJAoFkxhIyTCH8GUdBvnHDzg58Twv7pqaF2IuadwXRKYKC_mIhwkm7r1ZKdFyDim-6hj9GApn5PYNaAKnT__jQas1SoJwm8tLuf0nOTFYbIq4BtMPRp-QlErMFzQCga4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ANJR96T92Oxg-xKqn1TsslpzQvQ%26client%3Dca-pub-5781531207509232%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CE92 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CE92 308 B
636 B 22ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CE92 293 B
621 B 20ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame CE92 43 B
347 B 24ms
17ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=IW9uuUWNvEc4YglhsJ38NXTQqvX2leAmdiBNYveYXzpUXPswq5mPf4HrmWqfzHrLYhfoveO1RM0y6y6IRTFz_CBSLrevO8xRMkBBUGIk1Jvb_Q27tEL_a-I4V65z2JdXK-Y7-vp_LVcHV3JdktqQV4xYrFcCJlOxQC76PQwxXro0Vn_FeatXIIyO6FTmIaBg76maNSkGUufdrV_KAzoHEq8xTpWOxjf1eyBOItc-4zX_8FWKRprXS9_rKJnJpJjrV2QPUpNr6yDZHR4Km2z9jCzMhHAoPIe-UcgUy8XYZSlzKq1tN_1YnWbJZkkC4uHLDVhp6cfe0I0qfKvP1dTqc-5DKRdSIjHQZo3ENlhcxCnMyS89-jXVFVBZe-6xmJdKd1A3RTKtn8Uu4OfWzT0i-C7OcEKwKYwAjN7EyukNIX5WKpT2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1757023
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 abdb4c698de340a380660259f34617ac_image_ad_970x250.jpeg
static.criteo.net/design/dt/93397/230201/ Frame CE92 132 KB
132 KB 20ms
16ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/93397/230201/abdb4c698de340a380660259f34617ac_image_ad_970x250.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6e775498b282d2c0e5eb4ff9bcdf667699071e47055955b989fa6e79a0fa444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 01 Feb 2023 17:17:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63da9e91-20fd6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 135126
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E79F 0
0 62ms
62ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C38ClAhrdY_ntHYWj9u8PqPWQ2A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAhSwXeC_V7I-4AIAqAMBqgSTAk_QH9muZqn3F93tlHGPNN35-7YBye2NKlu_pJiA2ROSvrt4JeMGngIe21z-3MHY2vejvJFux2iQZqf-DuZ_2eYMfq-FMsKU0Gjte4ABDQrhlXmcV9oaIr6d0kJSV5J9qJ0FjGZxHaHwDJ91bR6juH16hTRiZ9ze56-nyoE7kyQxieIijMxuXa-UjYuetxTh4UChBeMNrYzCbSP9ruuyS8lG5fmBMjRS7YrajGEc4l8T86RHOOYGr0yi8O24y4azakvZ3crlegorOhGw9PcSvpC_F3M4xSC5WC0iJPjJwxMGHvGSa5dlU0u_QN3K3L4gwgkSzTESKRiQbSKN5bgzdunkBlshKOi9KQ9hOjwsuEjpr8sG4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=-0KxfjN_MhI&uach_m=[UACH]&cid=CAQSPADUE5ymYDIaP67hg2yLPTFmf4lJwWO1g2T-7n4MRxqGwAV4pprhq8BZxmtysLO3XpE2ZUNg4kShcnUhvRgB
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame E79F 0
0 15ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kISxEvLJVaAB2ASdg2ICAgAAAIqFfbLnKgfkEAIa3WNPafWxifGCRrZOygASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y90aAgAHdvkH_ZGFAAQ6qNqTR4_trqbD_tXtcA

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 289874
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 632F 108 KB
40 KB 65ms
52ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAHdvkH_ZGFAAQ6qNqTR4_trqbD_tXtcA&u=%7CwGbAbjAltpl3BlqT1hI99pw9cXk%2B5a9nEQYFVLn%2FhEA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZzyYh2cWrQCA7ZKOeOhZTlbyWr7DbuiBJZhyD0YEWX41xrvKQsoQe7Lm29CHiRj3EMuW81RAQbj61leBuwMTqrQGXEMSupvHKgMlCI-kZ7b_DhpoEwOHliXBbMMwomiCFIruXCrMi8ZbZ5qyqUZklB7Ay1mB4Gjgx7JJBBoWUDbbJz9qQeuqX_opW28MqHe-81InUoTPcwJT0wKOBpj4kZeUWEsqycBEUiAO0kDkcbCW7bD5M_GIScOFc3o-9TNDbD4crj0TnxTMmJbW-cF-SD3_lULvtICKWRF2nhOAzCOqU1j3Z1YhTC39DtHWepwRqYGn4DSOiVt_k2ZWyoqhcS0nL3EBBXlJxalUKfdkikzPdj1NySYcmYXf6vmQvFtpIyoUmiPM5UzCDHY6P6gOMK7S8W-sFqgSkSrxPHQ_GGyJQ8BXii51_bNV3PvIT77ijOJZqNZijJG8bOGa9JhQ7cjk0mMlbggv6RCq5Ny81eJuAz5RRHOR_a0tKG2v5CmI42puM-bCCshL3kUQhvwNrgDXZaVROzFCXng_sO3EWRcU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf23TAhrdY_ntHYWj9u8PqPWQ2A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAhSwXeC_V7I-4AIAqAMBqgSWAk_QH9muZqn3F93tlHGPNN35-7YBye2NKlu_pJiA2ROSvrt4JeMGngIe21z-3MHY2vejvJFux2iQZqf-DuZ_2eYMfq-FMsKU0Gjte4ABDQrhlXmcV9oaIr6d0kJSV5J9qJ0FjGZxHaHwDJ91bR6juH16hTRiZ9ze56-nyoE7kyQxieIijMxuXa-UjYuetxTh4UChBeMNrYzCbSP9ruuyS8lG5fmBMjRS7YrajGEc4l8T86RHOOYGr0yi8O24y4azakvZ3crlegorOhGw9PcSvpC_F3M4xSC5WC0iJPjJwxMGHvGSa5dlU0u_QN3K3Pwi45uVQq0BloSEzvKwQ0A6YuNSDHU5qlx1FKmThSIAoM1DK9i5K_814AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TNdFLJm8p2LnJD0J01k0Py1vamA%26client%3Dca-pub-5781531207509232%26adurl%3D

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1350626aeb2c7ed8c84e66fe443fe70995a3f1afd5219d3a66e0977e4f95a4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 14:28:18 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7mWDDNzZ7gJ8V4nEDZIkvxk07NHvWRNpa4uDZ-x3bTVeV6sYYdHH6mx2623AhCE-06HDZkGKmomcw2buIil9THwYYfUrw6TT11GBap0op-CSm9pjwi879L7WhUcX460M2qgyx1_69ExDxM-Xw9hQQE_zMXDyg18Q4-JDqvYKl8ps_fkB1miBqD7qjMPy53GRy4aLHvMPBh9SJ3Wh5oujc1R5hxP2WnpXSgUP-Q4QMllTHncSlXwU4uRDo4kX7yXPfXqyow"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 23397542
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E79F 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 06:54:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5D7B 1 KB
643 B 14ms
8ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E79F 18 KB
7 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:19:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E79F 0
0 20ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOewv4GP4YyiMlSlb4QhbfcpMEH4BYtyvHGwJq2rmXRCikQTP7r7_Vt0wsBKfEgHy5SpEZI-Z7LL9jbLwxF25fbdlUsw
Requested by: Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E79F 24 KB
6 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 11:22:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E79F 157 KB
48 KB 106ms
103ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 14:28:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1303
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE5pTx64jTwRi8axg3m9EYI&google_cver=1&google_push=Aa02lx-VuGkXawSeJnzaSvrVGjjJLzP6OJsjmGaVABpWoX2cRQJMeB4g6WFtj0xw4ufhFGe3jjtjg9hHbT_6JLAN...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-VuGkXawSeJnzaSvrVGjjJLzP6OJsjmGaVABpWoX2cRQJMeB4g6WFtj0xw4ufhFGe3jjtjg9hHbT_6JLANaaHuQTHBl3I

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-VuGkXawSeJnzaSvrVGjjJLzP6OJsjmGaVABpWoX2cRQJMeB4g6WFtj0xw4ufhFGe3jjtjg9hHbT_6JLANaaHuQTHBl3I

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: MT3 421 8749e8d master cdg-pixel-x34 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-VuGkXawSeJnzaSvrVGjjJLzP6OJsjmGaVABpWoX2cRQJMeB4g6WFtj0xw4ufhFGe3jjtjg9hHbT_6JLANaaHuQTHBl3I
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 03 Feb 2023 14:28:18 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1303
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE8NiHAXSAFRGGWPWowzMpY&google_cver=1&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWxJ-Szb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE8NiHAXSAFRGGWPWowzMpY&google_cver=1&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWx...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWxJ-S...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWxJ-SzbBTlNp_Pmnq8AojPHgw

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx8Kv0zGcViFtTT1ibVmcxFiQ6ZLEFEpB0d8TWYwvBNJw4B2O8b6GEVkG_AwMIro0XRbGWxJ-SzbBTlNp_Pmnq8AojPHgw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 1303 0
498 B 481ms
106ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx8MrDYfXo8TIFz97FjKk1mzVicay9SAWI4e1A0tb0wbAGA22M_MMSwJ46ffg3ea9jjwPfyfcQmeZUCR5rjM759yEUZqK9Pk%26google_hm%3D%5BUID%5D&google_gid=CAESEPxCjP38mZr-CLHeI5MMZRA&google_cver=1

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-51
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1303
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-5dc255ed-3b53-47e7-bee1-f3502f4bb2de-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-2Dz2O--q0Fv2fkCKSI...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH&google_hm=A13CVe07U0fnvuHzUC9Lst4

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH&google_hm=A13CVe07U0fnvuHzUC9Lst4

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-2Dz2O--q0Fv2fkCKSIO1-GtBpmEPk6P-pvil3-zP6jPKKhQtCqfZPw08mhNNZOlPY1bVuSOgVjUzO-izBIXu9LVHUu_kH&google_hm=A13CVe07U0fnvuHzUC9Lst4
date: Fri, 03 Feb 2023 14:28:19 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5dc255ed3b5347e7bee1f3502f4bb2de003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1303
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEH-p5F8iWdovBgCb29CwOGU&google_cver=1&google_push=Aa02lx8_wfWGVCAeXVw2efJ-Nzh5aYzctRSGMhQ0mwrvepRTObYV4m7QpoZCmTRl3WVJ_LIqDSegZxYad9tZAYTz3tHQ730F_4N5
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8_wfWGVCAeXVw2efJ-Nzh5aYz...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8_wfWGVCAeXVw2efJ-Nzh5aYzctRSGMhQ0mwrvepRTObYV4m7QpoZCmTRl3WVJ_LIqDSegZxYad9tZAYTz3tHQ730F_4N5&gdpr=&gdpr_consent=

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx8_wfWGVCAeXVw2efJ-Nzh5aYzctRSGMhQ0mwrvepRTObYV4m7QpoZCmTRl3WVJ_LIqDSegZxYad9tZAYTz3tHQ730F_4N5&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Fri, 03 Feb 2023 14:28:19 GMT

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 1303 42 B
233 B 346ms
88ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEH_qDkxZl2oT30-mRl2Ugds&google_cver=1&google_push=Aa02lx9hJK6R1A2I8aup-rc2i-1cB-mvzI4nFLGFWsINQ7YFXrAmJxLaqS_AxXp7aYI_o21NFtEsrhGM1myBqCQQM1aHYE4ZgIgxgg
Requested by: Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 1303
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEOVk_WaqKhYVKXI9RkUKQSs?ext-param=Aa02lx9UbTWfIsdp6HPw6qpVuzgPc_qn7YR5NsqUsr2RVXV6O4UZlfkjXiZ2S4fTSbhr5wV6hVUUDpbZpVHq6gv9diadiCOMqrut-A&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEOVk_WaqKhYVKXI9RkUKQSs?redir-setuniq=1&ext-param=Aa02lx9UbTWfIsdp6HPw6qpVuzgPc_qn7YR5NsqUsr2RVXV6O4UZlfkjXiZ2S4fTSbhr5wV6hVUUDpbZpVHq6gv9diadiCOMqrut-A&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOVk_WaqKhYVKXI9RkUKQSs&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

56ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2024 14:28:19 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1303 0
12 B 19ms
15ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdmqXS37iMrJ3wlH9vbWtYKBGnHaOLiobe4HcrqGGoq5iI9EXk5mNdIlCmZyjgnMj6iwYCjrE

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
70 B 98ms
98ms Image
text/plain 54.80.246.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cply&cb=1675434499225
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.246.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-246-179.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame CF0B
Redirect Chain

https://csync.loopme.me/?pubid=11398&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D56%26pid%...
https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=56&pid=5f2063121d82c82557194737&key=5c372909-5a69-45f0-8799-7a5e152bfafe&gdpr_consent=null&g...

0
239 B

241ms
99ms

Document
text/plain

52.44.202.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=56&pid=5f2063121d82c82557194737&key=5c372909-5a69-45f0-8799-7a5e152bfafe&gdpr_consent=null&gdpr=1
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.202.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-202-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT

Redirect headers

content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=56&pid=5f2063121d82c82557194737&key=5c372909-5a69-45f0-8799-7a5e152bfafe&gdpr_consent=null&gdpr=1
server: _

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 7775 0
45 B 178ms
28ms Document
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Fri, 03 Feb 2023 14:28:18 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 96BD
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=f784a2b9ba63e56f8a85a1fb43c292f4&_fw_gdpr=1&_fw_gdpr_consent=

0
232 B

99ms
99ms

Document
text/plain

52.44.202.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=f784a2b9ba63e56f8a85a1fb43c292f4&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.202.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-202-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 03 Feb 2023 14:28:19 GMT
Expires: Fri, 03 Feb 2023 14:28:19 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=f784a2b9ba63e56f8a85a1fb43c292f4&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1675434499502018-398

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame C7AE 43 B
624 B 280ms
36ms Document
image/gif 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 14:28:19 GMT
Expires: Fri, 03 Feb 2023 14:28:19 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1675434499495023-416

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 89DC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26bid...
https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=200&key=OPTOUT

0
200 B

313ms
98ms

Document
text/plain

52.44.202.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=200&key=OPTOUT
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.202.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-202-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Fri, 03 Feb 2023 14:28:19 GMT
etag: OPTOUT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=200&key=OPTOUT
pragma: no-cache

GET
H2 204 services
sync.technoratimedia.com/ Frame 058B 0
0 305ms
96ms Document
text/plain 2603:c020:400d:3000:bf17:cd18:9a23:846c
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675434499074-925372504357-001494-011-006239&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:c020:400d:3000:bf17:cd18:9a23:846c Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.file.io/
age: 0
date: Fri, 03 Feb 2023 14:28:19 GMT
server: nginx
via: 1.1 varnish
x-varnish: 460144077

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4911 16 KB
6 KB 100ms
21ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D1%26key%3D
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=63192
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 14:28:19 GMT
expires: Sat, 04 Feb 2023 08:01:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame D3A5 0
0 538ms
170ms Document
text/plain 209.191.163.210
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D18%26key%3D%24UID
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Fri, 03 Feb 2023 14:28:19 GMT
X-Sovrn-Pod: ad_ap4sfo1

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame A5E6 0
0 67ms
12ms Document
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Fri, 03 Feb 2023 14:28:19 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame CA21
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

83ms
7ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Feb 2023 14:28:19 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 036B 43 B
304 B 48ms
19ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D23%26key%3D
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Fri, 03 Feb 2023 14:28:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 4029
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D105%26pid%3D59c9148...
https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=105&pid=59c9148628a0612da3689288&key=1119ec94-a552-4fe1-9564-ee0d165ef369&gdpr=1&gdpr_consen...

0
239 B

306ms
101ms

Document
text/plain

52.44.202.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=105&pid=59c9148628a0612da3689288&key=1119ec94-a552-4fe1-9564-ee0d165ef369&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.202.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-202-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT

Redirect headers

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1675434499074-925372504357-001494-011-006239&biddername=105&pid=59c9148628a0612da3689288&key=1119ec94-a552-4fe1-9564-ee0d165ef369&gdpr=1&gdpr_consent=&us_privacy=
server: envoy
x-envoy-upstream-service-time: 1

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A42B 174 KB
55 KB 25ms
24ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJPQ9J4GEogBCiQzZDMzYzAyNC1iZjQ4LTQwZDItYWQwYi02ZTZlMjdkZjcyNDgQyIKixK/g/AIaBgiDtPSeBiINMjE3LjY0LjE1MS4yOSio5gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGFlODY4NmFlLWVjMDctNDU3MS05OGU3LWUwMjY5ZjkxMjg2OBj0tAMiGAgCEhRjZHMyNzYubG80Lmh3Y2RuLm5ldA==.axLGlZeV9paxxhzaKvcktRFuTErT6GHCu2Hekaoqzyw=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675434499.dop262.lo4.t,1675434499.cds288.lo4.hn,1675434499.cds276.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 55924

GET
H2 200 avpb7.12.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A42B 62 KB
20 KB 52ms
52ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: fb2a3185b8a550b167ef6b3a84e7820b82de0f0d51acd770e62cf0e83c655f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJPQ9J4GEogBCiQyNWYwOGZhZi0xNDZjLTRhMmMtOWM5Mi1hMGZiM2RlMGQ3MjIQyIKixK/g/AIaBgiDtPSeBiINMjE3LjY0LjE1MS4yOSio5gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDM0Y2ZlOTVmLTQ4N2EtNDRiYi05NmU5LTcyNTRmZDg2MjRiNhiPoAEiGAgCEhRjZHMzMjAubG80Lmh3Y2RuLm5ldA==.wA5Es0hChPnuE561wpmGvaspTMPelawSqOTK6wfWM/I=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675434499.dop262.lo4.t,1675434499.cds288.lo4.hn,1675434499.cds320.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 20495

GET
H2 200 avpb7.12.0a5.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A42B 61 KB
20 KB 58ms
57ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a5.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: cac67af0d29938a7154913246d0c213da39b0cea16f6d152d9ad72628d7a0519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJPQ9J4GEogBCiQzMGVmNWJjYi04NjRlLTQ0YjEtOWFmOS05NTAwNGJiNjVmZGEQyIKixK/g/AIaBgiDtPSeBiINMjE3LjY0LjE1MS4yOSio5gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGMyYTdmNzIxLTAwODQtNGYwYy1iNGE1LTBkZjFhOTBlODFiMBjdmQEiGAgCEhRjZHMzMjAubG80Lmh3Y2RuLm5ldA==.Yqswj77YescMXVVCodSCAtOCiXQcIT+GEtk0K2x0ZxE=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675434499.dop262.lo4.t,1675434499.cds288.lo4.hn,1675434499.cds320.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 19677

GET
H2 200 avpb7.12.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A42B 70 KB
24 KB 66ms
65ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: e0b10948c8f8424409e72354023bb956d7a6d000840271dae5bcc642c73906d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJPQ9J4GEogBCiRhMjZiMmIwZC1kODZkLTQ3MzctODY5ZC1jNzY2MThhMzc1N2YQyIKixK/g/AIaBgiDtPSeBiINMjE3LjY0LjE1MS4yOSio5gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGUyMTU3NGU5LWI0OTAtNDU0Mi1iNGM2LTdmMWM2YTYxNDA4NxizugEiGAgCEhRjZHMzMjAubG80Lmh3Y2RuLm5ldA==.789RNx5Yh0UVsrFz5+SvWAMSaaFVKmTaPd9ijoCbDWY=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675434499.dop262.lo4.t,1675434499.cds288.lo4.hn,1675434499.cds320.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 23859

GET
H2 200 avpb7.12.0a2.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame A42B 64 KB
20 KB 76ms
76ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a2.js
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: e18cb430d37779613b30d164a96b6f76a1a2d58887a732f1fd7df440805cf2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJPQ9J4GEogBCiRkMTYzMTI5NS1lMWM0LTQ4NGYtYTkxMC0wMjljNmEzODliMTcQyIKixK/g/AIaBgiDtPSeBiINMjE3LjY0LjE1MS4yOSio5gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGI1YzIxZTM0LWRiY2ItNDBlZS04MmVhLWUxNTY2Zjc1NWU4YRj4ngEiGAgCEhRjZHMzMjAubG80Lmh3Y2RuLm5ldA==.Ywh1ZB/yECsa8TzMfWw+S5PrUGnk+BYvEH5yexqwY1g=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675434499.dop262.lo4.t,1675434499.cds288.lo4.hn,1675434499.cds320.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 20344

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ 240 B
433 B 160ms
102ms Fetch
text/xml 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=5434499291
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,POST
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-expose-headers: X-Nexage-AdTid
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 189
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
682 B 236ms
21ms Fetch
application/xml 3.64.134.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.134.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-134-215.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: nginx/1.21.4
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/xml
access-control-allow-origin: https://www.file.io
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 10ms
8ms Image
image/gif 18.195.202.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1675434499074-925372504357-001494-011-006239&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.202.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-202-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
145 B 8ms
7ms Image
image/gif 18.195.202.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.202.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-202-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
101ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=21122&t=1675434499&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=4f039072b3fbbe123925172c1e723ebf&d63=4f039072b3fbbe123925172c1e723ebf&aafaid=&proto=https&uid=1675434499074-925372504357-001494-011-006239&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.79&cb=55317657466&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=217.64.151.29&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1675434499294&asid=637b7eaa93283f4fba7e40c8%2C633ae81e14ba3a033d3a0fd6%2C63ca668fc59e20cf6801d2f2%2C5ff48b20d0a41e5853490d69%2C5ff87336239c6c7fd600e1b5%2C60215b2a3cfdb257402901c4&ofpr=%2C%2C0.49%2C0.49%2C0.49%2C0.49&fpo=%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 103ms
102ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=21122&t=1675434499&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=4f039072b3fbbe123925172c1e723ebf&d63=4f039072b3fbbe123925172c1e723ebf&aafaid=&proto=https&uid=1675434499074-925372504357-001494-011-006239&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.79&cb=55317657466&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=217.64.151.29&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1675434499294&asid=60bdce680f40fe0656405224%2C624c0a0dc3ddce30871b2de4%2C60eecdaf35e63b08e5029ce4%2C6245a97f138a392b6f34aeb8%2C63a1c97d9fc0bb7a1703e25c&ofpr=%2C0.72%2C2.5%2C%2C2.24&fpo=%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame CE92 0
127 B 25ms
24ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=aLsvSdzZ7gJ8V4nEzZCi6_BhnWK1MEXQz-SGkNH23BSmv2H9pfPxWMn2-DCw0Eiae2CDmHS_UfJUD0DKM7A88ibeaDLrp0WYBkFQDUrDpmfwkicbXcKcAU_HIgvrbOxxECxXMoE2GF8u-JG-9iRYwDmMnmaFtgeitAa9WDHrvzXUGn2U4cxMzZZWUeFxf_Nq1qUi8m7B31ktszu8vPW0zOvmRwvqTGk4WSsUFY_pDF99KOIW08dyrtueqBShsNwnKV8Gqg&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CE92 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CE92 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 632F 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y90aAgAHdvkH_ZGFAAQ6qNqTR4_trqbD_tXtcA&u=%7CwGbAbjAltpl3BlqT1hI99pw9cXk%2B5a9nEQYFVLn%2FhEA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TyHgKyU7CHfZzyYh2cWrQCA7ZKOeOhZTlbyWr7DbuiBJZhyD0YEWX41xrvKQsoQe7Lm29CHiRj3EMuW81RAQbj61leBuwMTqrQGXEMSupvHKgMlCI-kZ7b_DhpoEwOHliXBbMMwomiCFIruXCrMi8ZbZ5qyqUZklB7Ay1mB4Gjgx7JJBBoWUDbbJz9qQeuqX_opW28MqHe-81InUoTPcwJT0wKOBpj4kZeUWEsqycBEUiAO0kDkcbCW7bD5M_GIScOFc3o-9TNDbD4crj0TnxTMmJbW-cF-SD3_lULvtICKWRF2nhOAzCOqU1j3Z1YhTC39DtHWepwRqYGn4DSOiVt_k2ZWyoqhcS0nL3EBBXlJxalUKfdkikzPdj1NySYcmYXf6vmQvFtpIyoUmiPM5UzCDHY6P6gOMK7S8W-sFqgSkSrxPHQ_GGyJQ8BXii51_bNV3PvIT77ijOJZqNZijJG8bOGa9JhQ7cjk0mMlbggv6RCq5Ny81eJuAz5RRHOR_a0tKG2v5CmI42puM-bCCshL3kUQhvwNrgDXZaVROzFCXng_sO3EWRcU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf23TAhrdY_ntHYWj9u8PqPWQ2A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQmpAhSwXeC_V7I-4AIAqAMBqgSWAk_QH9muZqn3F93tlHGPNN35-7YBye2NKlu_pJiA2ROSvrt4JeMGngIe21z-3MHY2vejvJFux2iQZqf-DuZ_2eYMfq-FMsKU0Gjte4ABDQrhlXmcV9oaIr6d0kJSV5J9qJ0FjGZxHaHwDJ91bR6juH16hTRiZ9ze56-nyoE7kyQxieIijMxuXa-UjYuetxTh4UChBeMNrYzCbSP9ruuyS8lG5fmBMjRS7YrajGEc4l8T86RHOOYGr0yi8O24y4azakvZ3crlegorOhGw9PcSvpC_F3M4xSC5WC0iJPjJwxMGHvGSa5dlU0u_QN3K3Pwi45uVQq0BloSEzvKwQ0A6YuNSDHU5qlx1FKmThSIAoM1DK9i5K_814AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1TNdFLJm8p2LnJD0J01k0Py1vamA%26client%3Dca-pub-5781531207509232%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 632F 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 632F 308 B
636 B 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 632F 293 B
621 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 632F 43 B
347 B 20ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=2NXj8x2wDSB1GmA3e8mcZzXdmvE1eeUUUC3DjWvd1ykQmvtb6flWRSUD_Ek534mrtOr-b9KyRFH9KShBYrvtVFvCdlzKWE3mNag82UZzwLB-RFxSFlYIGdCbHOmN4lJR5-6TZf_UV3h3CTtVzwcukJyt3w0zEQTUCv40xD5LhVrwPE5KyGb_RglJzJrfLY1M2_wZvueuDuV5J5dE5SmZ_7AklJ849ShA-QkuVohG2koUJDNFWnyHminvcRIe1r8L4OLoCekgKkaPO-F9qHEE9pci73r4q4vxrRDBo3D2D_fxG0RP1gsstgPqIh0lpyGDrost35ztDjyCt5pGw3-o6gMX0pCtE1WEkn31uA0-d7GXeKOluW-OzjB1OfiLG_2R80DBuwHAL6p64J3UPzW3O0D3_Z4HCdf-FWrJNqUaIeTH0y3O

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2600066
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E72F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e290984b6982efadda04be15228457656e65a85c5495dff6a6764ca79e9b230d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 632F 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D7B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUtzS09QdnIxUG5YMzU1&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&google_cver=1&google_push=Aa02lx_7kdPzuEw9hwQ7l7gRHwiFcBF21-XsRWvhc0XXv-U...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUtzS09QdnIxUG5YMzU1&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&google_cver=1&google_push=Aa02lx_7kdPzuEw9hwQ7l7gRHwiFcBF21-XsRWvhc0XXv-UTIbE5_4pJdIowWW5-BeM8Ub9zM3ELgcGgKnCG6l6ysZEcaczRiCpYmg

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:18 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-080788359912fe49e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dUtzS09QdnIxUG5YMzU1&google_gid=CAESEERCRzr-O0w2GrrWCOplmdE&google_cver=1&google_push=Aa02lx_7kdPzuEw9hwQ7l7gRHwiFcBF21-XsRWvhc0XXv-UTIbE5_4pJdIowWW5-BeM8Ub9zM3ELgcGgKnCG6l6ysZEcaczRiCpYmg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D7B
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELbjsetebl-vnbNNA4zTvAg&google_cver=1&google_push=Aa02lx9UsYSWTb6nPDIVcCGmLfuCjnt2HQ0g1lteJBcKi2Bw7pDdnygh_Pb_Ld_fQCuEn2284reHm...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9UsYSWTb6nPDIVcCGmLfuCjnt2HQ0g1lteJBcKi2Bw7pDdnygh_Pb_Ld_fQCuEn2284reHmgZMa46Q0-JpxNqmsVTbt4J3jQ

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9UsYSWTb6nPDIVcCGmLfuCjnt2HQ0g1lteJBcKi2Bw7pDdnygh_Pb_Ld_fQCuEn2284reHmgZMa46Q0-JpxNqmsVTbt4J3jQ

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 14:28:18 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5157F7FA736F46168D906C5DDD7D49FE Ref B: FRAEDGE1522 Ref C: 2023-02-03T14:28:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9UsYSWTb6nPDIVcCGmLfuCjnt2HQ0g1lteJBcKi2Bw7pDdnygh_Pb_Ld_fQCuEn2284reHmgZMa46Q0-JpxNqmsVTbt4J3jQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzzH4wNW/3W5HUQa2k3g==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D7B
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEIWheyjl10crGiSzSyaXGWw&google_cver=1&google_push=Aa02lx_QNdIkzlRU4I0U-MS5r1yF_6m570w2KVeMIjja4ul7W8e_OzLimPs_y90NZp_o73hSAXtRcHwPagrImAhi6Zgtw2wV4UXR
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzVBRkM2RTIzOEU0QkZBRA==

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzVBRkM2RTIzOEU0QkZBRA==

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MzVBRkM2RTIzOEU0QkZBRA==
date: Fri, 03 Feb 2023 14:28:19 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D7B
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENjhDd7JbxHgSaYntKm3wSY&google_cver=1&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYh...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESENjhDd7JbxHgSaYntKm3wSY&google_cver=1&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYh...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYheZ2AnLdgtgZOmZQnBCdA&google_hm=

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYheZ2AnLdgtgZOmZQnBCdA&google_hm=

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 14:28:19 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx97zJxVA15AqmyMjAsOvtrLaezgNR05mF9UQxUO2bP_TrSx9rjbd7M3pCg22QpPP5VyRietgpkoYheZ2AnLdgtgZOmZQnBCdA&google_hm=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D7B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEcVfennTWqD6lpa6nbW5D8&google_cver=1&google_push=Aa02lx-NkhkjV5_wnU_dDmaRyWTJHiYy6Noq3gXC5-S0UvFwjYFKpypJ64VVFl1BaSNKVPakBMryQvNf...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx-NkhkjV5_wnU_dDmaRyWTJHiYy6Noq3gXC5-S0UvFwjYFKpypJ64VVFl1BaSNKVPakBMryQv...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx-NkhkjV5_wnU_dDmaRyWTJHiYy6Noq3gXC5-S0UvFwjYFKpypJ64VVFl1BaSNKVPakBMryQvNfhgFb-cu_RvoseXPu9n3Hdw

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxOTQyMDM4ODE2MzQ5MDI4MQ&google_push=Aa02lx-NkhkjV5_wnU_dDmaRyWTJHiYy6Noq3gXC5-S0UvFwjYFKpypJ64VVFl1BaSNKVPakBMryQvNfhgFb-cu_RvoseXPu9n3Hdw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D7B
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEAThes4q5tkW7sWAvwa-ysA&google_cver=1&google_push=Aa02lx_VQ1vQQXfY5BkzdwYZmlINPEPw0ZYBjm2N6GJrx2swECNUCasWui5fy74sBQwjSaesPz9UIYfNXfkJVenKFoP_BboNM...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_VQ1vQQXfY5BkzdwYZmlINPEP...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_VQ1vQQXfY5BkzdwYZmlINPEPw0ZYBjm2N6GJrx2swECNUCasWui5fy74sBQwjSaesPz9UIYfNXfkJVenKFoP_BboNMA5XTA&gdpr=&gdpr_consent=

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&mn_hm=MzE4NDM2MDk5ODg4NjE0MDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_VQ1vQQXfY5BkzdwYZmlINPEPw0ZYBjm2N6GJrx2swECNUCasWui5fy74sBQwjSaesPz9UIYfNXfkJVenKFoP_BboNMA5XTA&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Fri, 03 Feb 2023 14:28:19 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 5D7B 0
44 B 26ms
24ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENAA3KQg7eE1-3VR4HaMIyA&google_cver=1&google_push=Aa02lx-v9qvTe0bb2bVnVBfthfqkKUEdVsMbCcgRFaBKyVcDp9m-IohEGvY5GcpchrAveUsmW2sk-NHFP_0cOF3emGKLpZ4uGntWOQ
Requested by: Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5D7B 0
12 B 25ms
23ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjMzXg7QodZOptM8YrlALxmpa0L8vDegCTu-x9zyxFtw6DcQxMWU-DkczkHCLHdr4tetw9

Requested by

Host: 79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 632F 8 KB
8 KB 94ms
22ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=160&m=0&partner=93397&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F93397%2F230201%2F7c4db63bcfc0473999861e8d8d56e43c_taschen_logo.png&v=3&w=316&s=0u4V-XHY4EJZGBpsYqkMQKXv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f84bd0b1ec5d487fb58718740c44db9e761649868eb49e769225cfbb77d9e8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30998025
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7976
expires: Sun, 28 Jan 2024 09:02:05 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 632F 0
127 B 22ms
22ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=7mWDDNzZ7gJ8V4nEDZIkvxk07NHvWRNpa4uDZ-x3bTVeV6sYYdHH6mx2623AhCE-06HDZkGKmomcw2buIil9THwYYfUrw6TT11GBap0op-CSm9pjwi879L7WhUcX460M2qgyx1_69ExDxM-Xw9hQQE_zMXDyg18Q4-JDqvYKl8ps_fkB1miBqD7qjMPy53GRy4aLHvMPBh9SJ3Wh5oujc1R5hxP2WnpXSgUP-Q4QMllTHncSlXwU4uRDo4kX7yXPfXqyow&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 632F 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 632F 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 14:28:19 GMT

GET
DATA 200
OK truncated
/ Frame E79F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 615b89335544e3ee78483dc3407ec92b61f553cece1c87c2df9b039d479fed6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4911 0
42 B 149ms
21ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29838095&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675434499074-925372504357-001494-011-006239%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:17 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CA21 33 KB
10 KB 7ms
7ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6082f142b8887af8d662c64d7fb649e63dea33c689494b168271764ab42f19cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 14:28:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Feb 2023 06:27:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=57552
Connection: keep-alive
Content-Length: 10009
Expires: Sat, 04 Feb 2023 06:27:31 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 44ms
10ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.file.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.file.io
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT
server: ATS/9.1.10.25

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
119 B 22ms
21ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 49baabe09138f14bfe21fb6d2f5604e26533077c1dfa1c7cdc0602293414c6d2

Request headers

Referer: https://www.file.io/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 84

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
686 B 132ms
131ms XHR
application/xml 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1675434499626&pKey=1877763484&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&playerSize=440x247
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.file.io
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1675434499546098-386
Expires: Fri, 03 Feb 2023 14:28:19 GMT

POST
H2 204 pb Show response
ad.360yield.com/ 0
165 B 34ms
33ms XHR
text/plain 54.216.221.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.221.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-221-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:19 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
407 B 151ms
9ms XHR
application/json 52.29.218.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.218.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-218-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2fb15c8182cc4b80d5afc8b9e4bba8f1385b24fb42857daf20ba78826704d6c7

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-prebid: pbs-java/1.110.0
content-type: application/json
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 22ms
22ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 42ms
41ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
154 B 14ms
14ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:18 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame CA21 0
239 B 414ms
97ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LDOMFXL4-21-900U
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 page-data.json
www.file.io/page-data/index/ 0
621 B 51ms
50ms Other
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/index/page-data.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:35:23 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: CTXG04A7AQTDQK99
x-amz-cf-pop: MXP63-P3
etag: "401beb30f0318595986e0b5ab983a5ad"
age: 13977
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 154
x-amz-id-2: qhD62xx4gfvf+SyEBwxc3cM95CF4fIDb0fy5HSI2JdjihoymnI3jbLo+zJo+av1ilKLRvCHQfWM=
x-amz-cf-id: ztqAApBEmicByPzMa-y9KhDM35skl8vc0ddT7mjlwwmj89vn1QgmIg==

GET
H2 200 page-data.json
www.file.io/page-data/signup/ 0
621 B 45ms
44ms Other
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/signup/page-data.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:14:31 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
x-amz-request-id: JF9AFM6JVZW4DP9F
x-amz-cf-pop: MXP63-P3
age: 18829
x-cache: Hit from cloudfront
content-length: 137
x-amz-id-2: ujf5neFO3U6zcrbAG9EgjK3Y8UF1idu1LMvZNbylL1kLwoREBLyGHxYcZ7sKJCyPNrOgEDy9IcU=
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
etag: "68baf9ac2f5dcaef64744f1f45d71de0"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: c9l7sMATopGMo1QlMl81vrNQzU9iu3eloHBT-joMhhJDuKfeUtMjBA==

GET
H2 200 page-data.json
www.file.io/page-data/about/ 0
631 B 46ms
45ms Other
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/about/page-data.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:14:31 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
x-amz-request-id: 50N3D75PM42M7GV4
x-amz-cf-pop: MXP63-P3
age: 18829
x-cache: Hit from cloudfront
content-length: 147
x-amz-id-2: 6LgkpVWUkiV5ZMrrUnUDLGFxuSfeOwp/I4Z5RROgRPXJp/VgNd+RwuEwRK0uIA0teIKor79JNW8=
last-modified: Wed, 23 Nov 2022 15:26:44 GMT
server: AmazonS3
etag: "cfb91ae7cd0473e276a9361907a683fc"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: 8q3Qy6QwUsj-DHb3cfSZFARcY_oqCQhsc4H6H2RWL1LOkgkO3mEajQ==

GET
H2 200 page-data.json
www.file.io/page-data/developers/ 0
629 B 43ms
42ms Other
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/developers/page-data.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:35:28 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: T852Q47DRCRJB4W0
x-amz-cf-pop: MXP63-P3
etag: "d7bc956a5292f7440e9ca53e421dd579"
age: 13972
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 163
x-amz-id-2: WJDzy66EWuBuRiP0c+MHdO5wCKa1OALz/8E5CnFWd1gy/zsbUC+4K5v6I2m1521P+rKukKfs6Xc=
x-amz-cf-id: 5yzdDSxTECij-VFpIiasayUgzQVfe5h7E05fw2XZAYU51jgAbRzUrQ==

GET
H2 200 page-data.json Show response
www.file.io/page-data/developers/ 163 B
629 B 48ms
42ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/developers/page-data.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:35:28 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: T852Q47DRCRJB4W0
x-amz-cf-pop: MXP63-P3
etag: "d7bc956a5292f7440e9ca53e421dd579"
age: 13972
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 163
x-amz-id-2: WJDzy66EWuBuRiP0c+MHdO5wCKa1OALz/8E5CnFWd1gy/zsbUC+4K5v6I2m1521P+rKukKfs6Xc=
x-amz-cf-id: sTTE-yESVWkWP9ekqWURHxj8ao_At16g0sbwuoUTLMmzIX6shQQMCQ==

GET
H2 200 page-data.json Show response
www.file.io/page-data/signup/ 137 B
621 B 44ms
43ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/signup/page-data.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:14:31 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
x-amz-request-id: JF9AFM6JVZW4DP9F
x-amz-cf-pop: MXP63-P3
age: 18829
x-cache: Hit from cloudfront
content-length: 137
x-amz-id-2: ujf5neFO3U6zcrbAG9EgjK3Y8UF1idu1LMvZNbylL1kLwoREBLyGHxYcZ7sKJCyPNrOgEDy9IcU=
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
etag: "68baf9ac2f5dcaef64744f1f45d71de0"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: 4bFCQlpdL7m0oELRoMmYpetT_C9aPb9Ckb_FJe1FzxaHUFxPa_lIyA==

GET
H2 200 page-data.json Show response
www.file.io/page-data/about/ 147 B
632 B 42ms
41ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/about/page-data.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:14:31 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
x-amz-request-id: 50N3D75PM42M7GV4
x-amz-cf-pop: MXP63-P3
age: 18829
x-cache: Hit from cloudfront
content-length: 147
x-amz-id-2: 6LgkpVWUkiV5ZMrrUnUDLGFxuSfeOwp/I4Z5RROgRPXJp/VgNd+RwuEwRK0uIA0teIKor79JNW8=
last-modified: Wed, 23 Nov 2022 15:26:44 GMT
server: AmazonS3
etag: "cfb91ae7cd0473e276a9361907a683fc"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: X87F-UzWZSjcbvdLYw2LuOccJTFb9ujYJjIH3qihUkWHx9oKoYGRWA==

GET
H2 200 page-data.json Show response
www.file.io/page-data/index/ 154 B
623 B 41ms
40ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/index/page-data.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:35:23 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: CTXG04A7AQTDQK99
x-amz-cf-pop: MXP63-P3
etag: "401beb30f0318595986e0b5ab983a5ad"
age: 13977
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 154
x-amz-id-2: qhD62xx4gfvf+SyEBwxc3cM95CF4fIDb0fy5HSI2JdjihoymnI3jbLo+zJo+av1ilKLRvCHQfWM=
x-amz-cf-id: DtLstWbQlAsjD6ZRU4k57wHLSOqRcw9rq8OWcPyBNegX_7LRLDyqMA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA21
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPTUZYTDQtMjEtOTAwVQ==

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPTUZYTDQtMjEtOTAwVQ==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPTUZYTDQtMjEtOTAwVQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA21
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk3OGI4MDY5YTIwODFhNzRiMDE4NzI2NjQzMDAwMDM0MDcxZWY1ZQ

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk3OGI4MDY5YTIwODFhNzRiMDE4NzI2NjQzMDAwMDM0MDcxZWY1ZQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDk3OGI4MDY5YTIwODFhNzRiMDE4NzI2NjQzMDAwMDM0MDcxZWY1ZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CA21
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bkWzcS2cQ66qjOqrU7nIcg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bkWzcS2cQ66qjOqrU7nIcg

43 B
479 B

35ms
33ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bkWzcS2cQ66qjOqrU7nIcg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 082XDJEDY69CG7BMTV55
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bkWzcS2cQ66qjOqrU7nIcg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CA21
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/ODdVS3vSlZfBMICkXVF_Osn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HTqD5c1E2oLpgcWrqIaMlsjDpCZE059YcceErw--~A

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HTqD5c1E2oLpgcWrqIaMlsjDpCZE059YcceErw--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HTqD5c1E2oLpgcWrqIaMlsjDpCZE059YcceErw--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CA21
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1emow5LPTku2B1nx7FPF5A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1emow5LPTku2B1nx7FPF5A

43 B
479 B

108ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1emow5LPTku2B1nx7FPF5A

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7ASR2CW6MGB5QP3VY5AB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1emow5LPTku2B1nx7FPF5A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame CA21
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDOMFXL4-21-900U

0
142 B

187ms
186ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDOMFXL4-21-900U
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 96558D66735A4E4CBD3D70EF422F8E62 Ref B: FRAEDGE1522 Ref C: 2023-02-03T14:28:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzzH43FwPdP5MUe0N3sA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDOMFXL4-21-900U
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame CA21 70 B
265 B 100ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CA21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEARR2lCebTK2e2GfljUkuL4&google_cver=1

0
239 B

56ms
11ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEARR2lCebTK2e2GfljUkuL4&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEARR2lCebTK2e2GfljUkuL4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 component---src-pages-index-js-6f342476ad3d7376370b.js
www.file.io/ 0
19 KB 42ms
42ms Other
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-index-js-6f342476ad3d7376370b.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 00:24:25 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:41 GMT
server: AmazonS3
x-amz-request-id: 5HRVJR6RN3GQRH41
x-amz-cf-pop: MXP63-P3
etag: W/"a815a80bb57be2461e02b661e195f1f8"
age: 1692235
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: zKFsGP-4FrgKHV2I-04lxXypU9KmT9jpGN4JIXzHejD6lDabyFWlpg==
x-amz-id-2: 0rYiQJ55Lqz7L91hnQSFB3WcAdHrPPFWkw+Fm5p4FL4Be/DKZ7zJBqvlqfy2Vnww4j0O8TMh4QU=

GET
H2 200 component---src-pages-about-js-e796be312b3f5a0e66a9.js
www.file.io/ 0
1 KB 46ms
45ms Other
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-about-js-e796be312b3f5a0e66a9.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 00:53:43 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:40 GMT
server: AmazonS3
x-amz-request-id: YMZE879JSN72EW6K
x-amz-cf-pop: MXP63-P3
etag: W/"9bb0618c91746ad73fe92abe83c168d2"
age: 826477
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: _06dginBWDlntU7hpScrDrZXalZR94dbu6gwPKUWsVCYqc3QpJK78Q==
x-amz-id-2: Wqeasc1HmdP3RZrkW/URiVaK6WkLtrWJsc7u8rVP4g7GdrqqHPKUN40+nS5sDHofqwQL9oNGzFbZxjTj3ULf8Q==

GET
H2 200 component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
www.file.io/ 0
170 KB 58ms
57ms Other
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 01:14:58 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:41 GMT
server: AmazonS3
x-amz-request-id: SX3CPSYDTGZ0K3PY
x-amz-cf-pop: MXP63-P3
etag: W/"80a59b6f64d0402abb9842573879e8fb"
age: 1343601
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: VJ3yjSlOSQTbG23d79Apdwd1lT8p5XxdAH4FNOLNrEMe0lV1QxY8lg==
x-amz-id-2: pf+yTZfP3Aj/Zsi/Apgj+ByQqkQ5Ww5Gle+QCfQISO4UHoR4R/TtFfst5FgR/sjW5R/l4pUq4vg=

GET
H2 200 component---src-pages-signup-js-6276362a910cd31f83ca.js
www.file.io/ 0
7 KB 43ms
42ms Other
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-signup-js-6276362a910cd31f83ca.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 00:24:38 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:42 GMT
server: AmazonS3
x-amz-request-id: HRQG5ADC535VYYV0
x-amz-cf-pop: MXP63-P3
etag: W/"f532f8654ef9d6e2ccba95d194e45cc2"
age: 569022
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: fSXQBZ9Xgnj3MyMqzSLR0udusKQQYHl5u_vBtQyZVZio2PxSThXmqg==
x-amz-id-2: MGGzM4n1U0LXaBrkI/s8cUCGEjof//TugQVdnFbY+NWHxfasaZFXt4uQXZdLoMCOSwEqPSvhpS0=

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ 240 B
227 B 88ms
86ms Fetch
text/xml 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=5434499836
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,POST
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-expose-headers: X-Nexage-AdTid
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 189
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
388 B 27ms
25ms Fetch
application/xml 3.64.134.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.134.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-134-215.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
server: nginx/1.21.4
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/xml
access-control-allow-origin: https://www.file.io
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 108ms
106ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=21122&t=1675434499&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=4f039072b3fbbe123925172c1e723ebf&d63=4f039072b3fbbe123925172c1e723ebf&aafaid=&proto=https&uid=1675434499074-925372504357-001494-011-006239&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.79&cb=55317657466&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=217.64.151.29&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1675434499838&asid=637b7eaa93283f4fba7e40c8%2C633ae81e14ba3a033d3a0fd6%2C5ff87336239c6c7fd600e1b5%2C63ca668fc59e20cf6801d2f2%2C60215b2a3cfdb257402901c4%2C5ff48b20d0a41e5853490d69%2C5ffffc9e712b1564036ba7e2%2C5ff6ed8d06e9773265718a49&ofpr=%2C%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C1%2C1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
104ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=21122&t=1675434499&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=4f039072b3fbbe123925172c1e723ebf&d63=4f039072b3fbbe123925172c1e723ebf&aafaid=&proto=https&uid=1675434499074-925372504357-001494-011-006239&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.79&cb=55317657466&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=217.64.151.29&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1675434499838&asid=624c0a0dc3ddce30871b2de4%2C6245a97f138a392b6f34aeb8%2C63a1c97d9fc0bb7a1703e25c&ofpr=0.72%2C%2C2.24&fpo=%2C%2C&ri=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
686 B 127ms
126ms XHR
application/xml 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1675434499847&pKey=1877765469&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&playerSize=440x247
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:19 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.file.io
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1675434499824024-382
Expires: Fri, 03 Feb 2023 14:28:19 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 24ms
23ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: aca21b770398fd75d652c6f9434b39608151bd77f86039b177ef80ba48d93ad6

Request headers

Referer: https://www.file.io/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 84

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
159 B 48ms
22ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.file.io
pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
405 B 25ms
12ms XHR
application/json 52.29.218.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.218.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-218-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 35b0104974ee70c58f557cd8cd6752f7b6a1150169823eaf356abeebba394c5f

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
content-encoding: gzip
x-prebid: pbs-java/1.110.0
content-type: application/json
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 36ms
24ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 36ms
25ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 pb Show response
ad.360yield.com/ 0
165 B 45ms
34ms XHR
text/plain 54.216.221.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.221.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-221-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:19 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
333 B 45ms
35ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.file.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 11ms
11ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.file.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.file.io
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 03 Feb 2023 14:28:19 GMT
server: ATS/9.1.10.25

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 103ms
12ms Preflight
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.file.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.file.io
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 03 Feb 2023 14:28:19 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 9ms
8ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.file.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.file.io
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 03 Feb 2023 14:28:20 GMT
server: ATS/9.1.10.25

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 12ms
12ms Preflight
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.file.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.file.io
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 03 Feb 2023 14:28:20 GMT

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ 240 B
227 B 80ms
80ms Fetch
text/xml 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=5434500041
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,POST
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-expose-headers: X-Nexage-AdTid
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 189
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
388 B 21ms
20ms Fetch
application/xml 3.64.134.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.134.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-134-215.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
server: nginx/1.21.4
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/xml
access-control-allow-origin: https://www.file.io
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
117ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=21122&t=1675434499&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=4f039072b3fbbe123925172c1e723ebf&d63=4f039072b3fbbe123925172c1e723ebf&aafaid=&proto=https&uid=1675434499074-925372504357-001494-011-006239&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.79&cb=55317657466&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=217.64.151.29&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1675434500043&asid=637b7eaa93283f4fba7e40c8%2C633ae81e14ba3a033d3a0fd6%2C5ff48b20d0a41e5853490d69%2C63ca668fc59e20cf6801d2f2%2C5ff87336239c6c7fd600e1b5%2C60215b2a3cfdb257402901c4%2C5ffffc9e712b1564036ba7e2%2C5ff6ed8d06e9773265718a49&ofpr=%2C%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=21122&t=1675434499&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=4f039072b3fbbe123925172c1e723ebf&d63=4f039072b3fbbe123925172c1e723ebf&aafaid=&proto=https&uid=1675434499074-925372504357-001494-011-006239&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.79&cb=55317657466&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=217.64.151.29&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1675434500043&asid=6245a97f138a392b6f34aeb8%2C624c0a0dc3ddce30871b2de4%2C63a1c97d9fc0bb7a1703e25c&ofpr=%2C0.72%2C2.24&fpo=%2C%2C&ri=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:28:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
139 B 24ms
21ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 0a84e26d78e72331e95e85f5827fdbe6007e5e6b77f8fc935ad674f3542a5aa6

Request headers

Referer: https://www.file.io/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Feb 2023 14:28:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.file.io
access-control-allow-credentials: true
content-length: 84

POST
H2 204 pb Show response
ad.360yield.com/ 0
165 B 35ms
34ms XHR
text/plain 54.216.221.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.221.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-221-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
158 B 16ms
15ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.file.io
pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 25ms
25ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 24ms
24ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
686 B 127ms
125ms XHR
application/xml 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1675434500063&pKey=1897807182&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&playerSize=440x247
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:20 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.file.io
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1675434500047028-370
Expires: Fri, 03 Feb 2023 14:28:20 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
333 B 56ms
55ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:19 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.file.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
405 B 10ms
9ms XHR
application/json 52.29.218.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.218.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-218-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: be612a4a2305bf4c68a07ba4beeb23af290b23ec88498de70f316c3e7b3f80c0

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
content-encoding: gzip
x-prebid: pbs-java/1.110.0
content-type: application/json
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9418 42 B
174 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJZTQo629Zyn16uigjK0B4YnWrmpM6Pjxg3bjjp7rrjUXsKyKt50Sqpp6Q37KSM3rOScleGEhdAmykRv8grNTtrvk&sig=Cg0ArKJSzEoiKiNSWf64EAE&cid=CAASF-Ro3eg4XgTU-sxRx66PHJRAgIKNJAgt&id=lidar2&mcvt=1000&p=868,315,1118,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3195751161&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675434498350&rpt=724&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 47CF 0
127 B 25ms
18ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:19 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
540 B 91ms
10ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 49ms
28ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 098b114c0a0e056b9fb62a9a8ceb70e32581d2c0b5f642534a6ead5634caf5e7

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.file.io
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 14:28:20 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 44B9 16 KB
6 KB 44ms
27ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=63191
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 14:28:20 GMT
expires: Sat, 04 Feb 2023 08:01:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DE24 16 KB
6 KB 44ms
29ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=63191
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 14:28:20 GMT
expires: Sat, 04 Feb 2023 08:01:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8699 281 B
554 B 30ms
20ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Feb 2023 14:28:20 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 793E 16 KB
6 KB 42ms
27ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by: Host: www.file.io
URL: https://www.file.io/deleted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=63191
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 14:28:20 GMT
expires: Sat, 04 Feb 2023 08:01:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f784a2b9ba63e56f8a85a1fb43c292f4&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v13a2_7195936384090559192&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

36ms
35ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:20 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1675434500423049-362
Expires: Fri, 03 Feb 2023 14:28:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8699 33 KB
10 KB 47ms
15ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6082f142b8887af8d662c64d7fb649e63dea33c689494b168271764ab42f19cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 14:28:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Feb 2023 06:27:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=57551
Connection: keep-alive
Content-Length: 10009
Expires: Sat, 04 Feb 2023 06:27:31 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 48ms
10ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

0c12ec0c82bdc8fcc3a79f33f58d3b019c987e395587240ef678b864f0963ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E72F 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHcIS0S-SkHFNyqTNoNpVgJjI7WcrR7TO6Jj9MvLyf3KzB5Fyl5MiCkZ7tyYwnRB8__JKxz48zOE4I8GtHtpfuZw4&sig=Cg0ArKJSzD2jLkxBEFn1EAE&cid=CAASF-RoYeL6vNpqOOCePPV1oWyTFu1xAaye&id=lidar2&mcvt=1002&p=138,315,388,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1730059992&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675434498579&rpt=816&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CE92 0
127 B 20ms
20ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200 258.json Show response
id5-sync.com/g/v2/ 216 B
621 B 27ms
7ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/258.json

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

3c19bed8881065cd1329f04ee70ac6560e7652360189722e9077069342eb4243

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 206 video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 3 MB
0 24ms
23ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=632075b70fa709288815ba86&AV_TEMPID=62f50abcbb8a6411007d7629&cid=6092b7eb89db8643a840b332&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.file.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=458752-

Response headers

date: Fri, 03 Feb 2023 14:28:20 GMT
x-guploader-uploadid: ADPycdszYUNLsfuel9FgukK-XaOXQSmVxYxJ6jPs2eLcVO6_OttVnsDLyUJNH3hZHgVWaLw_RJU4L9NIJzH__VPBWZxirYbOqT5c
x-goog-storage-class: STANDARD
Content-Range: bytes 458752-13496023/13496024
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 13037272
x-sp-metadata: HS256.CJTQ9J4GEogBCiRjNDkwNmU0Mi0yYjE0LTRlZjMtYjkzMC0zNWVlMzI3Y2IxNzEQuNb12vfT/AIaBgiEtPSeBiINMjE3LjY0LjE1MS4yOSiqoAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRotCAESJGRmYTQxNzY3LTAzZDItNGM4Ny1hNDE2LTUwMzIwYWIyMDFiMRjY3bcGIhgIAhIUY2RzMDg5LmxvNC5od2Nkbi5uZXQ=.DVRxeorBC+EcWGG3ScEi34k6tVFQncebrYCzk8zH7Tc=
last-modified: Tue, 19 Apr 2022 15:55:06 GMT
server: UploadServer
etag: "5988954ac663c7a7640a82f507517315"
x-goog-generation: 1650383706252946
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1675434500.dop030.lo4.t,1675434500.cds034.lo4.hn,1675434500.cds089.lo4.c
x-goog-stored-content-length: 13496024
accept-ranges: bytes

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 151ms
47ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.file.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 14:28:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 550206
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
247 B 328ms
96ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:20 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.file.io
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=5dXYAHw0Rk1xR1JiZkFzZHJicDZxOFM4TEtBakJEL1lHS29ITDR5bXBjSzN1bHJUb081VWtIWHVsdjFSYmFGQlIxZjhJU3hYNXMvZGlDV2hudmpJWmRSdmJRbzJxVzZLbHpCMXRJSzVSeUFiTFA5amUzV3cxS1Z4U2hHZE...

330 B
627 B

43ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5dXYAHw0Rk1xR1JiZkFzZHJicDZxOFM4TEtBakJEL1lHS29ITDR5bXBjSzN1bHJUb081VWtIWHVsdjFSYmFGQlIxZjhJU3hYNXMvZGlDV2hudmpJWmRSdmJRbzJxVzZLbHpCMXRJSzVSeUFiTFA5amUzV3cxS1Z4U2hHZEhkZ0tFVFZrTHRueUZqRWFRcFhnOEpXZ29hWWhXODNIL05RcFp6MTdaUE4wSFFVQVZCNGIweWVRc0UrTzZTUEIxWXdyTVdndDVUSEJEV0VXMkFjaUZVNlJ6RlNTUVdNU0dDZ0E0YzZEbm1aM1NVemV1OGhpQXY2Q0xYVE1jVDNYYTRuN2gzQTdCfA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

63935937ddc7b4af8086cd3e81cbc5c36ffcf6b3ce8eab9d014edde1ab633b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1646671
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=5dXYAHw0Rk1xR1JiZkFzZHJicDZxOFM4TEtBakJEL1lHS29ITDR5bXBjSzN1bHJUb081VWtIWHVsdjFSYmFGQlIxZjhJU3hYNXMvZGlDV2hudmpJWmRSdmJRbzJxVzZLbHpCMXRJSzVSeUFiTFA5amUzV3cxS1Z4U2hHZEhkZ0tFVFZrTHRueUZqRWFRcFhnOEpXZ29hWWhXODNIL05RcFp6MTdaUE4wSFFVQVZCNGIweWVRc0UrTzZTUEIxWXdyTVdndDVUSEJEV0VXMkFjaUZVNlJ6RlNTUVdNU0dDZ0E0YzZEbm1aM1NVemV1OGhpQXY2Q0xYVE1jVDNYYTRuN2gzQTdCfA&cppv=2
access-control-allow-origin: https://www.file.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 654745
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
540 B 15ms
14ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 34ms
33ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 098b114c0a0e056b9fb62a9a8ceb70e32581d2c0b5f642534a6ead5634caf5e7

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 14:28:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.file.io
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 05 Mar 2023 14:28:20 GMT

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F03D 16 KB
6 KB 23ms
23ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=63191
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 14:28:20 GMT
expires: Sat, 04 Feb 2023 08:01:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D184 37 B
139 B 9ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 03 Feb 2023 14:28:20 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EB1F 52 KB
17 KB 81ms
11ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 38748
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 03 Feb 2023 14:28:20 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 15, 467037
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220023-HHN
X-Timer: S1675434501.611782,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5737 52 KB
17 KB 78ms
10ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 38748
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 03 Feb 2023 14:28:20 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 15, 468757
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220057-HHN
X-Timer: S1675434501.611613,VS0,VE0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 897C 37 B
139 B 9ms
8ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 03 Feb 2023 14:28:20 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 47D4 16 KB
6 KB 23ms
22ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=63191
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 14:28:20 GMT
expires: Sat, 04 Feb 2023 08:01:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A150 52 KB
17 KB 80ms
17ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.file.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 38748
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 03 Feb 2023 14:28:20 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 15, 466982
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220038-HHN
X-Timer: S1675434501.616758,VS0,VE0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 8ms
7ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

8fba5a9ff2f224003ec5cf7ee9822b7d935e86033798383793f7bf15b046dd78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 258.json Show response
id5-sync.com/g/v2/ 216 B
621 B 23ms
22ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/258.json

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

ea0d964c1d88835ddb28a8efc952551f68d4af41e9dfcc7914b8275f907a63d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file.io
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E79F 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss10KNo_gDak28jkLIancmWlmdmS5rEsEuaFP9tyrEGzAk7TuY9BZPu-CAnzqdSsVONlcw_r3JtHDt6Y9NcYmSOpzA&sig=Cg0ArKJSzL-WIO6o2pFDEAE&cid=CAASF-RoEdNmME132Z0_Q-Cb_yCi8EdeSFzV&id=lidar2&mcvt=1021&p=160,45,760,205&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=395328344&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675434498838&rpt=693&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.file.io
URL: https://www.file.io/deleted

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 14:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 632F 0
127 B 27ms
26ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5737 0
859 B 11ms
10ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:20 GMT
AN-X-Request-Uuid: 28d59289-d47d-4738-972f-27c14d5703e9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EB1F 0
859 B 18ms
18ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:20 GMT
AN-X-Request-Uuid: f3e116ed-1f7e-4e1b-977a-49d0fc6de676
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A150 0
859 B 12ms
9ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:20 GMT
AN-X-Request-Uuid: f4e15e9a-ceda-4587-a1c7-d488ff4cc41f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 319ms
18ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 14:28:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 513392
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5737 0
859 B 17ms
16ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:21 GMT
AN-X-Request-Uuid: ba78f9ec-8e78-4b46-b32a-329db75d2ec4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EB1F 0
859 B 9ms
9ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:21 GMT
AN-X-Request-Uuid: afe35538-073b-4c87-bdaf-b27bf5f2091d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A150 0
859 B 110ms
109ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 14:28:21 GMT
AN-X-Request-Uuid: 329a8409-3ff1-42cf-9be1-fe863b7fba17
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 page-data.json
www.file.io/page-data/login/ 0
601 B 41ms
41ms Other
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/login/page-data.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:35:28 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: T853MSV0FXPC69ZE
x-amz-cf-pop: MXP63-P3
etag: "4f561e1f747160f0e60849c13facafec"
age: 13975
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 135
x-amz-id-2: KZ59gLVqM5wOYHs8aCE0NXbJ7PLi3R74A6YykZqyzcEMar94UeKlyQfSbv5mtc/4KPMOcyC4TbU=
x-amz-cf-id: EBgmuECaifzDPqiVG05EsDWBiVVtE3jmpX_0VkgfjsPX1YOBs61WaA==

GET
H2 200 page-data.json
www.file.io/page-data/plans/ 0
608 B 39ms
38ms Other
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/plans/page-data.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/deleted/
Origin: https://www.file.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:08:08 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: VTAQ95W8JVFRHQKA
x-amz-cf-pop: MXP63-P3
etag: "1022652c2bef86b84cb16cd11c50b2ca"
age: 30015
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 141
x-amz-id-2: E4iixE1dLHBkMDaClVvCYjp3IG+jM8GJ+F8m9/cw7CYZCxk6dKuvHU0ev5K07qJK3zdP7FWljD4=
x-amz-cf-id: _nlpA4wl12dwx3B2QaDbrznnZDJgMalMZQh9ta8F46qH9XmTZSErLg==

GET
H2 200 page-data.json Show response
www.file.io/page-data/plans/ 141 B
609 B 42ms
41ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/plans/page-data.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:08:08 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: VTAQ95W8JVFRHQKA
x-amz-cf-pop: MXP63-P3
etag: "1022652c2bef86b84cb16cd11c50b2ca"
age: 30015
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 141
x-amz-id-2: E4iixE1dLHBkMDaClVvCYjp3IG+jM8GJ+F8m9/cw7CYZCxk6dKuvHU0ev5K07qJK3zdP7FWljD4=
x-amz-cf-id: L9FdyzueD8XdcSC-JN8C-uPdNS4okPhhFJwBMqqX6W4s7JRZfuwZKg==

GET
H2 200 page-data.json Show response
www.file.io/page-data/login/ 135 B
601 B 41ms
40ms XHR
application/json 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/page-data/login/page-data.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:35:28 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:45 GMT
server: AmazonS3
x-amz-request-id: T853MSV0FXPC69ZE
x-amz-cf-pop: MXP63-P3
etag: "4f561e1f747160f0e60849c13facafec"
age: 13975
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 135
x-amz-id-2: KZ59gLVqM5wOYHs8aCE0NXbJ7PLi3R74A6YykZqyzcEMar94UeKlyQfSbv5mtc/4KPMOcyC4TbU=
x-amz-cf-id: nKHPLcKXa026HU7i3cSz9o-XsB2bvCDED3AHK7o7DLZy2qIVmiuBTA==

GET
H2 200 component---src-pages-plans-index-js-4d7d70651af058699199.js
www.file.io/ 0
939 B 49ms
48ms Other
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-plans-index-js-4d7d70651af058699199.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 07:05:45 GMT
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:42 GMT
server: AmazonS3
x-amz-request-id: MDNZ78PAKYGN2GDM
x-amz-cf-pop: MXP63-P3
etag: "66b96715a5faba1158fa14385302dc0f"
age: 2359358
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 473
x-amz-id-2: aNRIPmIacfykqz2eIP9irJ40cLCc0hfGPItPqYJcS9tjpAXOtQYFems2MoLFO1aoRuuZgIdEDNQ=
x-amz-cf-id: uFS6OIrGHbTAnIqeLuQNEEx1EUlHwxW1FjslKLfT9xAW8nfjHk0Z_g==

GET
H2 200 component---src-pages-login-js-4334d2f9cc13bc6425f6.js
www.file.io/ 0
6 KB 40ms
40ms Other
application/javascript 108.139.243.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file.io/component---src-pages-login-js-4334d2f9cc13bc6425f6.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-54.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.file.io/deleted/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:20:15 GMT
content-encoding: br
via: 1.1 1d5093cd3f00b2814572ccd491aa6702.cloudfront.net (CloudFront)
last-modified: Wed, 23 Nov 2022 15:26:41 GMT
server: AmazonS3
x-amz-request-id: 6PFA3DVX6F2FPVJQ
x-amz-cf-pop: MXP63-P3
etag: W/"5846b26616c0b2bb2d33c186d91ddb78"
age: 1170489
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: wrvZwp-iXbZ67vShhNRPYSK7yj7f8CIF-hs1ZupzTpykq6Q8D39SVg==
x-amz-id-2: 16q2N077OIZKt0nOwf0u480bk1ex1hNmcb2Tx3VghU/JCi2ptAOlD5F+Qol6LWMo/wIh5M8a4Eo=

POST
H2 200 track
track1.aniview.com/ Frame A42B 0
93 B 103ms
103ms Ping
text/plain 3.85.152.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=21122&t=1675434499&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=4f039072b3fbbe123925172c1e723ebf&d63=4f039072b3fbbe123925172c1e723ebf&aafaid=&proto=https&uid=1675434499074-925372504357-001494-011-006239&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.79&cb=55317657466&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=217.64.151.29&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.85.152.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-152-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.file.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 14:28:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=2173

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file.io/	1970-01-20 18:59:54	Name: _ga Value: GA1.2.1232628591.1675434496
.file.io/	1970-01-20 09:25:20	Name: _gid Value: GA1.2.2098447247.1675434496
.file.io/	1970-01-20 09:23:54	Name: _gat Value: 1
.file.io/	1970-01-20 18:09:30	Name: _ym_uid Value: 1675434497878974128
.file.io/	1970-01-20 18:09:30	Name: _ym_d Value: 1675434497
.file.io/	1970-01-20 09:25:06	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 09:23:55	Name: sync_cookie_csrf Value: 2645472636fake
www.file.io/	1970-01-20 10:07:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mc.yandex.ru/	1970-01-20 09:23:55	Name: sync_cookie_csrf Value: 2476121229fake
.adnxs.com/	1970-01-20 11:33:30	Name: icu Value: ChkInZeIARAKGAEgASgBMIG09J4GOAFAAUgBEIG09J4GGAA.
.adnxs.com/	1970-01-20 11:33:30	Name: uuid2 Value: 7322313003111353941
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 557668601675434497
.yandex.com/	1970-01-20 18:59:54	Name: i Value: Sv5BwnWNhUkNriFpaJiXH9b7EQ+exqEtoEwCBHG5hEts2ooMZIKa+iXHJgcN1WA5v9md7dio1ONn8zDr2ZwCL/OabgI=
.yandex.com/	1970-01-20 18:09:30	Name: yandexuid Value: 2268983591675434497
.yandex.com/	1970-01-20 18:09:30	Name: yuidss Value: 2268983591675434497
.yandex.com/	1970-01-20 18:09:30	Name: ymex Value: 1706970497.yc.1675434497#1706970497.yrts.1675434497#1706970497.yrtsi.1675434497
.file.io/	1970-01-20 18:45:30	Name: __gads Value: ID=96b15d988f138ab6:T=1675434497:S=ALNI_MY5i5pdtOadiGDp8pD5lKJmQrqKQA
.file.io/	1970-01-20 18:45:30	Name: __gpi Value: UID=00000bae5834d6da:T=1675434497:RT=1675434497:S=ALNI_Mb0JKzLvygAklsLkkZWRCydBB3YPg
.yahoo.com/	1970-01-20 18:09:52	Name: A3 Value: d=AQABBAEa3WMCEMI5DsSkdwPD7uO-n2oglMcFEgEBAQFr3mPmYwAAAAAA_eMAAA&S=AQAAAlIHXgzjWeuCCpiWpHM5vKQ
.doubleclick.net/	1970-01-20 18:45:30	Name: IDE Value: AHWqTUmC5_3n4ttcpqT4uDOyMdevkHfWdMeUzUVYXifoEEiqjnmR1rHFTZ3qwK9eiaA
.360yield.com/	1970-01-20 11:33:30	Name: tuuid Value: 2b720420-6441-44c5-b905-6f9e92b0fc36
.360yield.com/	1970-01-20 11:33:30	Name: tuuid_lu Value: 1675434498
.3lift.com/	1970-01-20 11:33:30	Name: tluid Value: 926573474342748158462
.ads.avads.net/	1970-01-20 18:59:54	Name: av-mid Value: e31e4d13-9831-4ce9-b962-17c74a8ca9a1
.ads.avads.net/	1970-01-20 09:44:04	Name: av-tp-gadx Value: 1
.media.net/	1970-01-20 18:09:30	Name: visitor-id Value: 3184360998886140000V10
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:09:30	Name: bcookie Value: "v=2&dc42026a-7b35-489f-8c48-028a8446cdb3"
.linkedin.com/	1970-01-20 13:43:06	Name: li_gc Value: MTswOzE2NzU0MzQ0OTk7MjswMjE2Ym9hNUB3nr26uB4LPoSHrAYJXMhmxMlHvrJABFQsSQ==
.linkedin.com/	1970-01-20 09:25:20	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2797:u=1:x=1:i=1675434499:t=1675520899:v=2:sig=AQEpHNCrWxn9PuKUunv65Ngj77N_GaZ3"
.bidswitch.net/	1970-01-20 18:09:30	Name: tuuid Value: 4393a371-46df-4df8-a28a-b8d3700bb928
.bidswitch.net/	1970-01-20 18:09:30	Name: c Value: 1675434499
.bidswitch.net/	1970-01-20 18:09:30	Name: tuuid_lu Value: 1675434499
.aniview.com/	1970-01-20 09:52:42	Name: aniC Value:
.adform.net/	1970-01-20 10:04:13	Name: C Value: 1
.mathtag.com/	1970-01-20 18:49:49	Name: uuid Value: 4b5b63dd-1a03-4800-9ad0-775f482c88b5
.mathtag.com/	1970-01-20 10:07:06	Name: mt_mop Value: 4:1675434499
.csync.loopme.me/	1970-01-20 11:32:04	Name: viewer_token Value: 5c372909-5a69-45f0-8799-7a5e152bfafe
.1rx.io/	1970-01-20 18:09:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5dc255ed-3b53-47e7-bee1-f3502f4bb2de-003%22%7D
.adform.net/	1970-01-20 10:50:18	Name: uid Value: 9019420388163490281
.yandex.ru/	1970-01-20 18:59:54	Name: yuidss Value: 4827595931675434499
.yandex.ru/	1970-01-20 18:59:54	Name: yandexuid Value: 4827595931675434499
.w55c.net/	1970-01-20 18:51:16	Name: wfivefivec Value: uKsKOPvr1PnX355
.media.net/	1970-01-20 09:44:04	Name: data-g Value: CAESEAThes4q5tkW7sWAvwa-ysA~~3
.targeting.unrulymedia.com/	1970-01-20 18:09:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5dc255ed-3b53-47e7-bee1-f3502f4bb2de-003%22%7D
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 1953
.ads.stickyadstv.com/	1970-01-20 10:07:06	Name: UID Value: f784a2b9ba63e56f8a85a1fb43c292f4
.rubiconproject.com/	1970-01-20 18:09:30	Name: khaos Value: LDOMFXL4-21-900U
.rubiconproject.com/	1970-01-20 18:09:30	Name: audit Value: 1\|naVuGyos1qrkOoZSEvm4b4aBoIDxO2tl3hECSdDzIZpaqh3jMbzCNvrE8rE6QZLoM5lQcvoTvdzNpGeyS5O/ttAPlTu0R9RN
.technoratimedia.com/	1970-01-20 18:59:54	Name: tads_uid Value: GDPR
.w55c.net/	1970-01-20 10:07:06	Name: matchgoogle Value: 5
.aniview.com/	1970-01-20 09:38:18	Name: 1_C_200 Value: OPTOUT
sync.aniview.com/	1970-01-20 09:38:18	Name: 1_C_200 Value: OPTOUT
.aniview.com/	1970-01-20 09:38:18	Name: 1_C_56 Value: 5c372909-5a69-45f0-8799-7a5e152bfafe
sync.aniview.com/	1970-01-20 09:38:18	Name: 1_C_56 Value: 5c372909-5a69-45f0-8799-7a5e152bfafe
.aniview.com/	1970-01-20 09:38:18	Name: 1_C_105 Value: 1119ec94-a552-4fe1-9564-ee0d165ef369
sync.aniview.com/	1970-01-20 09:38:18	Name: 1_C_105 Value: 1119ec94-a552-4fe1-9564-ee0d165ef369
.aniview.com/	1970-01-20 09:38:18	Name: 1_C_9 Value: f784a2b9ba63e56f8a85a1fb43c292f4
sync.aniview.com/	1970-01-20 09:38:18	Name: 1_C_9 Value: f784a2b9ba63e56f8a85a1fb43c292f4
.prebid.a-mo.net/	1970-01-20 18:09:30	Name: __amc Value: 3_1675434497_1675434499
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8551\|Y90aB
fksnk.com/	1970-01-20 09:33:59	Name: AWSALBCORS Value: lQUZWhCQJSzgQ18xFUyF93GyFvWy7QPK2qIY/VPoYarFbftWhZJQW3tXNAtlk0YHC74+g7QNgEB49BI4X1cgn+RyLE+Ik38y5/DnnNof5WHelIxp9rxNSF1nVKrd
.fksnk.com/	1970-01-20 11:33:30	Name: f_001 Value: 35AFC6E238E4BFAD
.fksnk.com/	1970-01-20 09:25:20	Name: g_001 Value: 1
pool.admedo.com/	1970-01-20 18:09:30	Name: tuuid Value: df1bfa22-4508-4f83-a1ce-66f6c6805d7b
pool.admedo.com/	1970-01-20 18:09:30	Name: c Value: 1675434499
pool.admedo.com/	1970-01-20 18:09:30	Name: tuuid_lu Value: 1675434499
.amazon-adsystem.com/	1970-01-20 18:59:54	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 15:09:30	Name: ad-id Value: A-p-7c7iOEtYt206XBIX4BQ
.fwmrm.net/	1970-01-20 13:43:06	Name: _uid Value: "v13a2_7195936384090559192"
.ads.stickyadstv.com/	1970-01-20 10:50:18	Name: uid-bp-36033 Value: v13a2_7195936384090559192
.ads.stickyadstv.com/	1970-01-20 10:50:18	Name: MRM_UID Value: v13a2_7195936384090559192
www.file.io/	1970-01-20 09:23:58	Name: _lr_retry_request Value: true
www.file.io/	1970-01-20 10:07:06	Name: _lr_env_src_ats Value: false
.file.io/	1970-01-20 18:45:30	Name: cto_bundle Value: aukm6V92d3UxWFlCb0dDTnc2QnoyVWpsQW1tZmg1NDcxazBRaXglMkJ1bzEyOHNtTU5MQkw2TE5oWTk2d2dHckY5Zkl4MVN3MloxMkh2ayUyRkt4YTRXTU81YkNUdGFka0tzeEwwbTJKS1BGaFVBZFhsUGclM0Q
.file.io/	1970-01-20 18:45:30	Name: cto_bidid Value: 2cuDE19tMyUyQmgydEZablp1OHh2cXlQbllVOG9Ed0phTkl3MzBBNlk1aHBKc3BEWXdFejdYUXMlMkJRaDFsUXBManpoTGFBRWNIcEFpd3UxZWs2YXVISnppWFhmblElM0QlM0Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://www.file.io/deleted/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.file.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=2173 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
79f64576550b802fc8a2d2f328bbf46c.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ads.avads.net
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
an.yandex.ru
ap.lijit.com
api.rlcdn.com
btlr.sharethrough.com
c.eu1.dyntrk.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cat.fr.eu.criteo.com
cm.g.doubleclick.net
content1.avplayer.com
cs.media.net
csm.eu.criteo.net
csync.loopme.me
d1oykxszdrgjgl.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
feed.avplayer.com
file.io
fksnk.com
go1.aniview.com
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.360yield.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mug.criteo.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
px.ads.linkedin.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.aniview.com
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
targeting.unrulymedia.com
tg.socdm.com
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
track1.avplayer.com
u.openx.net
ups.analytics.yahoo.com
web.ssp.yahoo.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
104.108.171.239
107.23.246.142
108.139.243.54
124.146.215.50
135.125.160.77
141.95.33.111
141.95.98.64
142.250.185.98
147.75.85.234
151.101.65.108
151.139.128.10
174.137.133.49
178.250.0.160
178.250.2.146
18.156.0.31
18.156.195.47
18.195.202.31
185.255.84.151
185.29.134.248
185.64.190.77
185.64.190.78
185.86.139.102
2.16.186.10
2001:4860:4802:34::178
209.191.163.210
213.19.147.42
213.19.147.44
23.203.124.21
23.35.236.201
23.37.42.132
2600:1901:0:8344::
2600:9000:2045:4600:0:1651:6140:21
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::6816:2f8e
2606:4700:20::681a:246
2606:4700:20::681a:8a9
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2001
2a00:1450:400d:802::2002
2a00:1450:400d:806::2002
2a00:1450:400d:80c::2002
2a00:1450:4025:401::9b
2a02:2638:1::2
2a02:2638:1::8
2a02:2638::1c
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::b
2a02:26f0:3500:c::5c7b:6822
2a02:6b8::1:119
2a02:6b8::90
2a05:d018:d29:3601:25e4:d961:706:5b0e
3.64.134.215
3.69.181.161
3.85.152.66
34.95.69.49
34.98.64.218
35.205.207.25
35.210.53.219
35.214.223.115
35.71.131.137
37.157.3.20
37.252.173.215
5.196.111.65
52.0.141.180
52.28.147.230
52.28.203.152
52.29.218.170
52.44.202.238
52.46.151.131
52.55.14.74
52.57.32.9
52.58.82.235
54.216.221.232
54.239.33.158
54.80.246.179
69.16.175.10
69.16.175.42
69.166.1.12
69.173.144.138
69.173.144.165
76.223.111.18
8.43.72.97
039ed13ae2e065fdee9d11fc53ab131169c749d092693f90fff4f406e049091a
052cc51321a70368b8d983631f0d6f516b48de38dad5d09ba793097626505ccb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098b114c0a0e056b9fb62a9a8ceb70e32581d2c0b5f642534a6ead5634caf5e7
0a84e26d78e72331e95e85f5827fdbe6007e5e6b77f8fc935ad674f3542a5aa6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c12ec0c82bdc8fcc3a79f33f58d3b019c987e395587240ef678b864f0963ad8
1350626aeb2c7ed8c84e66fe443fe70995a3f1afd5219d3a66e0977e4f95a4e9
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1a4efdaa8b880e312f811ecc09b35d0951059cea3bdcd152f3a3552f95eeb7f1
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
26d76d334335bbbbdf7aac29dddb1ced896c6aeb4b7db0826926fae6e8e5922e
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2d8ae33ebd033b0dcf48615e2d42c0f7df2b233bb4d657b43500a5889aece575
2fb15c8182cc4b80d5afc8b9e4bba8f1385b24fb42857daf20ba78826704d6c7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
340f478dab7c7061c5c2352350c92ddce8525e7d6a335c7245690c186eaac475
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
35b0104974ee70c58f557cd8cd6752f7b6a1150169823eaf356abeebba394c5f
38f493d22a25f45d12fa9cf9b86ca750c4a6f18c378024c4ab78ba7483d86c38
3c19bed8881065cd1329f04ee70ac6560e7652360189722e9077069342eb4243
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da23015e018a0724ff87233a079e83ed45bf33e114ada17d8e26d174d6d4667
3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49baabe09138f14bfe21fb6d2f5604e26533077c1dfa1c7cdc0602293414c6d2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
50e7bd6d118c297466855d08f2a00aa7546a35d44316ffd36531777bba32b55d
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c8a850ecc1342e9b94fc23e8d2d15db1a48f299c47e1c4d0e8fff26c98b72df
6082f142b8887af8d662c64d7fb649e63dea33c689494b168271764ab42f19cf
615b89335544e3ee78483dc3407ec92b61f553cece1c87c2df9b039d479fed6f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
63935937ddc7b4af8086cd3e81cbc5c36ffcf6b3ce8eab9d014edde1ab633b3f
65f71a90641735320fbdece043d522c7e2bb1283872763ee587da692ca378b62
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5
67ab8a6f77c94297a320f6ed89e9f8cf4b97e68fadc84dd3bb083073d00bd182
6946027f1167e2d84f37381198e5974aec203fb3a910f80e38fd62a2da5ecfaa
6b062c9bc137e1dc117519867d2ddb94bd21fbeb274b9d7b3c6d525c1f34890a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
82803594801967030bc695210eab72b6351d3143942bcde117ae256a513d4f2d
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
8a55172d6748c1a4da5ea86b13cf86ed57b4463e56bf1814f9df28dc24816b96
8b53e9054fc41cf6f2c14b2a2abb0456db0c7dab4dbef784b59b5b4f850cc175
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8fba5a9ff2f224003ec5cf7ee9822b7d935e86033798383793f7bf15b046dd78
99e8be242d57a54072d21b9a2f84379a7f1a9e6fc4e1661e83e2cc80725e7cd1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a12727b013ef85be6159553d9c1e0e1944ee1d0c36654c0642b4a8167be873d9
a1b7f58fe31dcd16a96c9b4ba7c27d02af13b9879453da2d47d9e3cd5b7685d7
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa92025db7d6e619e6251e77dd26f5266bd18bdb3cd110b06b4ac6250762dc92
aca21b770398fd75d652c6f9434b39608151bd77f86039b177ef80ba48d93ad6
acdf5bb4ed2e6f1ade5971a56c48d599a241ff28daad173d7cec87603763f78a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b327fea5e04552521e80b87517d936f22fb22a170103c01963f6092730f79ffd
ba2983c57e0b66320d165d7d5784b1ca66d9193404db72b8b0b4b3a93449fbb2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be612a4a2305bf4c68a07ba4beeb23af290b23ec88498de70f316c3e7b3f80c0
bf4c662b079858253075b267c8cb03ceae688ab59c92f77ba57c6280f48a9b2e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c276285708800494d413ec1eb5884caf4d2e4e2b6e39b63c2f1e4988e568b2ed
c2d94e673877d28135aabbfe0b0d77657a56e3dbf3568357a477f4513c489770
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cac67af0d29938a7154913246d0c213da39b0cea16f6d152d9ad72628d7a0519
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
ceb24d9bf634b034bc20d2321e7c4cf29d2b82572754612308e02bfa7a43a79f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff
d70386b587907bce6f2c85efe9f689be5d253d9859dae2cb8857fe8bf8c8f545
d7644bc819a01d32c6850d97e70779351138612c2cb63af9a95cc048441170a7
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e0acfc0c79d2e9084f691532eb014e8523316e895df7f0f805591bb4097f6a3d
e0b10948c8f8424409e72354023bb956d7a6d000840271dae5bcc642c73906d3
e18cb430d37779613b30d164a96b6f76a1a2d58887a732f1fd7df440805cf2ba
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e290984b6982efadda04be15228457656e65a85c5495dff6a6764ca79e9b230d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e775498b282d2c0e5eb4ff9bcdf667699071e47055955b989fa6e79a0fa444
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ea0d964c1d88835ddb28a8efc952551f68d4af41e9dfcc7914b8275f907a63d4
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
ece97dcb86db8e45d313350cc31e5eccfe641c9b46787f5a20038f5bceb01f96
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee5f479ea301d16161fb85b07b578efb28f451b4e038d5db34fc292f0a18098a
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0632ed635bc82cb0d16359e75b80f0a5e4d9eebabcbc4aaf03483605137829c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9
f6e71eeef1e40c63b69666f9d805758869d464935777c2e56ee6f90ee3b8b1fb
f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce
f84bd0b1ec5d487fb58718740c44db9e761649868eb49e769225cfbb77d9e8f2
fb2a3185b8a550b167ef6b3a84e7820b82de0f0d51acd770e62cf0e83c655f57
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc757f1ebf108ae3d13759ba1c626880971f449ba71c7a5236b9770624a11a82

www.file.io Open in urlscan Pro 108.139.243.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

306 Requests

90 %HTTPS

32 %IPv6

56 Domains

95 Subdomains

73 IPs

11 Countries

2874 kBTransfer

10557 kBSize

76 Cookies

7 Outgoing links

Page URL History

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file.io Open in urlscan Pro
108.139.243.54 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

90 %
HTTPS

32 %
IPv6

56
Domains

95
Subdomains

73
IPs

11
Countries

2874 kB
Transfer

10557 kB
Size

76
Cookies

306 HTTP transactions
13 data transactions