Submitted URL: https://file.io/bdjrHZf7rqWN
Effective URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Submission: On September 04 via manual from CA — Scanned from CA

Summary

This website contacted 99 IPs in 5 countries across 68 domains to perform 314 HTTP transactions. The main IP is 18.238.80.14, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 26th 2023. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 45.55.107.24 14061 (DIGITALOC...)
39 18.238.80.14 16509 (AMAZON-02)
4 151.101.67.42 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.193.194 54113 (FASTLY)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.67.63.125 16509 (AMAZON-02)
6 34.255.52.148 16509 (AMAZON-02)
3 22 2620:116:800b... 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 2600:9000:21d... 16509 (AMAZON-02)
3 52.208.192.13 16509 (AMAZON-02)
1 108.138.106.70 16509 (AMAZON-02)
2 108.139.30.15 16509 (AMAZON-02)
1 34.120.111.33 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 3.83.106.164 14618 (AMAZON-AES)
2 34.206.91.202 14618 (AMAZON-AES)
5 207.65.37.179 62713 (AS-PUBMATIC)
1 100.21.171.219 16509 (AMAZON-02)
13 216.22.16.65 30633 (LEASEWEB-...)
2 125.253.89.184 19437 (SS-ASH)
3 104.18.34.190 13335 (CLOUDFLAR...)
3 6 68.67.161.182 29990 (ASN-APPNEX)
4 23.201.174.84 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2607:f8b0:400... 15169 (GOOGLE)
4 8 35.71.131.137 16509 (AMAZON-02)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 52.46.155.104 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 108.138.128.46 16509 (AMAZON-02)
1 2620:100:a00b::4 19750 (AS-CRITEO)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 172.64.152.89 13335 (CLOUDFLAR...)
8 14 162.19.138.117 16276 (OVH)
3 141.95.33.120 16276 (OVH)
1 2606:ae80:147... 25751 (VALUECLICK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 10 54.149.167.136 16509 (AMAZON-02)
3 3 8.28.7.83 62713 (AS-PUBMATIC)
1 2 69.173.146.5 26667 (RUBICONPR...)
4 4 34.111.113.62 396982 (GOOGLE-CL...)
3 8 142.250.80.34 15169 (GOOGLE)
1 1 23.105.12.121 30633 (LEASEWEB-...)
1 1 198.148.27.131 19189 (PULSEPOINT)
1 2 69.194.240.13 26120 (RHYTHMONE)
2 2600:141b:e80... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.242.143.54 14618 (AMAZON-AES)
2 2 23.201.191.176 16625 (AKAMAI-AS)
2 23.41.170.143 16625 (AKAMAI-AS)
3 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
3 3 50.57.31.206 19994 (RACKSPACE)
1 1 44.215.220.115 14618 (AMAZON-AES)
1 1 207.65.37.181 62713 (AS-PUBMATIC)
1 1 2607:f350:3:2... 27630 (AS-XFERNET)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:e80... 20940 (AKAMAI-ASN1)
8 2600:141b:e80... 20940 (AKAMAI-ASN1)
5 172.240.45.75 7979 (SERVERS-COM)
3 2600:141b:1c0... 20940 (AKAMAI-ASN1)
6 18.238.49.74 16509 (AMAZON-02)
1 108.138.106.8 16509 (AMAZON-02)
20 23.45.194.34 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 192.184.68.254 14618 (AMAZON-AES)
1 35.244.193.51 15169 (GOOGLE)
1 2 2620:100:a00b... 19750 (AS-CRITEO)
2 74.119.117.17 19750 (AS-CRITEO)
1 52.223.22.214 16509 (AMAZON-02)
1 195.244.31.11 63140 (IGUANA-WO...)
3 23.45.193.13 16625 (AKAMAI-AS)
1 125.253.89.182 19437 (SS-ASH)
1 151.101.65.108 54113 (FASTLY)
3 3 54.92.251.231 14618 (AMAZON-AES)
1 1 80.77.87.108 46636 (NATCOWEB)
1 1 3.214.166.47 14618 (AMAZON-AES)
3 54.224.103.108 14618 (AMAZON-AES)
1 74.119.117.16 19750 (AS-CRITEO)
1 1 67.202.105.23 32748 (STEADFAST)
4 2600:141b:e80... 20940 (AKAMAI-ASN1)
2 142.251.40.102 15169 (GOOGLE)
1 172.240.45.81 7979 (SERVERS-COM)
1 23.83.76.85 395954 (LEASEWEB-...)
1 2 63.251.28.210 26558 (FREEWHEEL)
8 172.240.45.78 7979 (SERVERS-COM)
1 1 52.4.195.213 14618 (AMAZON-AES)
1 3.225.218.10 14618 (AMAZON-AES)
2 147.28.146.89 54825 (PACKET)
1 1 3.233.60.12 14618 (AMAZON-AES)
1 1 8.2.110.134 46636 (NATCOWEB)
1 1 34.36.216.150 396982 (GOOGLE-CL...)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
1 51.222.39.184 16276 (OVH)
1 1 68.67.179.153 29990 (ASN-APPNEX)
1 2 35.211.202.130 15169 (GOOGLE)
1 172.240.45.70 7979 (SERVERS-COM)
1 34.197.151.115 14618 (AMAZON-AES)
1 34.36.214.49 396982 (GOOGLE-CL...)
1 52.85.61.84 16509 (AMAZON-02)
1 63.251.28.211 26558 (FREEWHEEL)
1 2600:9000:251... 16509 (AMAZON-02)
1 172.240.45.76 7979 (SERVERS-COM)
314 99
Apex Domain
Subdomains
Transfer
41 file.io
file.io — Cisco Umbrella Rank: 479912
www.file.io
944 KB
22 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2328
a.ad.gt — Cisco Umbrella Rank: 2521
p.ad.gt — Cisco Umbrella Rank: 2796
ids.ad.gt — Cisco Umbrella Rank: 2348
pixels.ad.gt — Cisco Umbrella Rank: 2702
seg.ad.gt — Cisco Umbrella Rank: 4065
proton.ad.gt — Cisco Umbrella Rank: 5161
22 KB
21 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 16006
track4.aniview.com — Cisco Umbrella Rank: 11479
player.aniview.com — Cisco Umbrella Rank: 2902
play.aniview.com — Cisco Umbrella Rank: 37574
go1.aniview.com — Cisco Umbrella Rank: 7282
sync.aniview.com — Cisco Umbrella Rank: 2915
s2s.aniview.com — Cisco Umbrella Rank: 15156
344 KB
20 moatads.com
z.moatads.com — Cisco Umbrella Rank: 1247
px.moatads.com — Cisco Umbrella Rank: 1015
119 KB
17 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 2075
content.quantcount.com — Cisco Umbrella Rank: 9210
assets.quantcount.com — Cisco Umbrella Rank: 24357
pixel.quantcount.com — Cisco Umbrella Rank: 6001
exch.quantcount.com — Cisco Umbrella Rank: 39063
pixel-ssn.quantcount.com
139 KB
16 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2337
pixel.quantserve.com — Cisco Umbrella Rank: 1616
15 KB
15 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1233
id5-sync.com — Cisco Umbrella Rank: 645
44 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2459
sync.smartadserver.com — Cisco Umbrella Rank: 2269
use1.smartadserver.com — Cisco Umbrella Rank: 12415
www14.smartadserver.com — Cisco Umbrella Rank: 42992
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1165
26 KB
13 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
ad.doubleclick.net — Cisco Umbrella Rank: 210
184 KB
13 google.com
analytics.google.com — Cisco Umbrella Rank: 238
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
www.google.com — Cisco Umbrella Rank: 10
80 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 744
image2.pubmatic.com — Cisco Umbrella Rank: 1373
image6.pubmatic.com — Cisco Umbrella Rank: 1487
ads.pubmatic.com — Cisco Umbrella Rank: 855
image8.pubmatic.com Failed
1 KB
10 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 25931
player.avplayer.com — Cisco Umbrella Rank: 18560
content1.avplayer.com — Cisco Umbrella Rank: 28094
track1.avplayer.com — Cisco Umbrella Rank: 25589
316 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 505
5 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
secure.adnxs.com — Cisco Umbrella Rank: 764
acdn.adnxs.com — Cisco Umbrella Rank: 961
8 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 394
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999
aax.amazon-adsystem.com — Cisco Umbrella Rank: 501
s.amazon-adsystem.com — Cisco Umbrella Rank: 399
88 KB
7 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 694
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1494
eus.rubiconproject.com — Cisco Umbrella Rank: 948
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 7861
3 KB
7 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1860
match.sharethrough.com — Cisco Umbrella Rank: 804
4 KB
6 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3631
apps.sascdn.com — Cisco Umbrella Rank: 9046
14 KB
6 cpx.to
p.cpx.to — Cisco Umbrella Rank: 16638
s.cpx.to — Cisco Umbrella Rank: 12865
6 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 553
mug.criteo.com — Cisco Umbrella Rank: 2813
dis.criteo.com — Cisco Umbrella Rank: 1058
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1162
sync.a-mo.net — Cisco Umbrella Rank: 3188
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
23 KB
4 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2501
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 353
32 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
1 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1622
106 KB
4 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 37974
374 KB
3 openx.net
u.openx.net — Cisco Umbrella Rank: 1176
pa.openx.net — Cisco Umbrella Rank: 5140
349 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 969
1 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2344
2 KB
3 googlesyndication.com
20806bddc7e79fec8ae1f3f389cda6c3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
75 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187
847 B
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1594
lexicon.33across.com — Cisco Umbrella Rank: 2352
ssc-cms.33across.com — Cisco Umbrella Rank: 1474
7 KB
3 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 6061
2 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 998
eb2.3lift.com — Cisco Umbrella Rank: 632
2 KB
3 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 36546
484 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
264 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 499
325 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1396
ap.lijit.com — Cisco Umbrella Rank: 1228
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 741
333 B
2 adtrafficquality.google
ep1.adtrafficquality.google
ep2.adtrafficquality.google
19 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1256
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
13 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4612
visitor.omnitagjs.com — Cisco Umbrella Rank: 1229
697 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 3230
21 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2186
104 B
2 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 4922
21 KB
2 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2483
49 KB
1 streamrail.com
sdk.streamrail.com — Cisco Umbrella Rank: 6933
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3211
738 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1081
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1117
18 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4620
619 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
1 eexsync.com
eexsync.com — Cisco Umbrella Rank: 7045
731 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1537
569 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2583
167 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 1077
868 B
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4267
460 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3616
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 992
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2913
8 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2589
12 KB
1 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 9270
7 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1603
917 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 fastly.net
hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 59362
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 48944
665 B
0 rlcdn.com Failed
api.rlcdn.com Failed
314 68
Domain Requested by
39 www.file.io www.file.io
cadmus.script.ac
hb.vntsm.com
17 px.moatads.com
15 pixel.quantserve.com www.file.io
14 id5-sync.com 8 redirects cadmus.script.ac
hb.vntsm.com
www.file.io
11 fundingchoicesmessages.google.com cadmus.script.ac
hb.vntsm.com
10 ids.ad.gt 1 redirects
8 sync.aniview.com www.file.io
8 match.adsrvr.org 4 redirects cadmus.script.ac
hb.vntsm.com
www.file.io
7 www14.smartadserver.com www.file.io
6 content.quantcount.com cadmus.script.ac
5 content1.avplayer.com
5 track4.aniview.com player.aniview.com
5 s.cpx.to cadmus.script.ac
5 hbopenbid.pubmatic.com hb.vntsm.com
www.file.io
5 securepubads.g.doubleclick.net hb.vntsm.com
cadmus.script.ac
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.file.io
cadmus.script.ac
4 player.aniview.com www.file.io
4 ssp.disqus.com 4 redirects
4 www.googletagservices.com cadmus.script.ac
4 cm.g.doubleclick.net 3 redirects
4 pixel.tapad.com 4 redirects
4 secure.cdn.fastclick.net cadmus.script.ac
4 ib.adnxs.com 1 redirects hb.vntsm.com
cadmus.script.ac
4 prebid.a-mo.net hb.vntsm.com
www.file.io
4 btlr.sharethrough.com hb.vntsm.com
4 hb.vntsm.com www.file.io
hb.vntsm.com
3 ads.stickyadstv.com 1 redirects www.file.io
3 match.sharethrough.com
3 ads.pubmatic.com cadmus.script.ac
www.file.io
3 pixel-ssn.quantcount.com www.file.io
3 exch.quantcount.com 3 redirects
3 pixel.quantcount.com cadmus.script.ac
3 use1.smartadserver.com cadmus.script.ac
3 z.moatads.com cadmus.script.ac
3 apps.sascdn.com cadmus.script.ac
3 player.avplayer.com cadmus.script.ac
hb.vntsm.com
3 uipglob.semasio.net 3 redirects
3 ced-ns.sascdn.com www.file.io
3 image2.pubmatic.com 3 redirects
3 secure.adnxs.com 3 redirects
3 p.ad.gt cadmus.script.ac
hb.vntsm.com
3 lb.eu-1-id5-sync.com cadmus.script.ac
hb.vntsm.com
www.file.io
3 id.hadron.ad.gt hb.vntsm.com
3 elb.the-ozone-project.com hb.vntsm.com
cadmus.script.ac
3 prg.smartadserver.com hb.vntsm.com
3 track.venatusmedia.com hb.vntsm.com
3 c.amazon-adsystem.com hb.vntsm.com
3 www.googletagmanager.com www.file.io
www.googletagmanager.com
cadmus.script.ac
2 x.bidswitch.net 1 redirects
2 u.openx.net 2 redirects
2 ad.doubleclick.net www.file.io
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 seg.ad.gt hb.vntsm.com
2 eus.rubiconproject.com www.file.io
2 secure-assets.rubiconproject.com 2 redirects
2 sync.1rx.io 1 redirects
2 a.ad.gt cadmus.script.ac
hb.vntsm.com
2 s.amazon-adsystem.com 1 redirects cadmus.script.ac
2 tlx.3lift.com hb.vntsm.com
2 script.4dex.io cadmus.script.ac
2 aax.amazon-adsystem.com hb.vntsm.com
2 i.clean.gg hb.vntsm.com
2 pub.doubleverify.com hb.vntsm.com
cadmus.script.ac
2 cadmus.script.ac hb.vntsm.com
cadmus.script.ac
2 file.io 1 redirects www.file.io
1 track1.avplayer.com player.avplayer.com
1 sdk.streamrail.com www.file.io
1 hb.yellowblue.io www.file.io
1 pa.openx.net www.file.io
1 optimized-by.rubiconproject.com www.file.io
1 s2s.aniview.com www.file.io
1 onetag-sys.com www.file.io
1 pixel-sync.sitescout.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 ups.analytics.yahoo.com www.file.io
1 ap.lijit.com 1 redirects
1 ssbsync.smartadserver.com www.file.io
1 go1.aniview.com hb.vntsm.com
1 play.aniview.com
1 ssc-cms.33across.com 1 redirects
1 dis.criteo.com
1 ce.lijit.com 1 redirects
1 eexsync.com 1 redirects
1 acdn.adnxs.com cadmus.script.ac
1 sync.a-mo.net cadmus.script.ac
1 visitor.omnitagjs.com cadmus.script.ac
1 eb2.3lift.com cadmus.script.ac
1 lexicon.33across.com hb.vntsm.com
1 proton.ad.gt cadmus.script.ac
1 assets.quantcount.com cadmus.script.ac
1 feed.avplayer.com hb.vntsm.com
1 www.google.com cadmus.script.ac
1 tpc.googlesyndication.com cadmus.script.ac
1 pixel.rubiconproject.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 pagead2.googlesyndication.com cadmus.script.ac
1 pixels.ad.gt cadmus.script.ac
1 bcp.crwdcntrl.net hb.vntsm.com
1 ep2.adtrafficquality.google cadmus.script.ac
1 tg1.aniview.com cadmus.script.ac
1 bh.contextweb.com 1 redirects
1 sync.smartadserver.com 1 redirects
1 token.rubiconproject.com
1 20806bddc7e79fec8ae1f3f389cda6c3.safeframe.googlesyndication.com cadmus.script.ac
1 ep1.adtrafficquality.google hb.vntsm.com
1 proc.ad.cpe.dotomi.com hb.vntsm.com
1 cdn-ima.33across.com cadmus.script.ac
1 invstatic101.creativecdn.com cadmus.script.ac
1 static.criteo.net cadmus.script.ac
1 tags.crwdcntrl.net cadmus.script.ac
1 oa.openxcdn.net cadmus.script.ac
1 cdn.id5-sync.com cadmus.script.ac
1 cdn.hadronid.net cadmus.script.ac
1 hb-api.omnitagjs.com hb.vntsm.com
1 cdn.edkt.io cadmus.script.ac
1 config.aps.amazon-adsystem.com cadmus.script.ac
1 rules.quantcount.com cadmus.script.ac
1 secure.quantserve.com hb.vntsm.com
1 p.cpx.to hb.vntsm.com
1 ad-delivery.net hb.vntsm.com
1 www.google.ca www.file.io
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 hb-vntsm-com.global.ssl.fastly.net hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
0 image8.pubmatic.com Failed
0 api.rlcdn.com Failed hb.vntsm.com
314 131
Subject Issuer Validity Valid
*.file.io
Amazon RSA 2048 M02
2023-12-26 -
2025-01-23
a year crt.sh
*.vntsm.com
R10
2024-06-18 -
2024-09-16
3 months crt.sh
*.google-analytics.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
hb.vntsm.io
WE1
2024-07-07 -
2024-10-05
3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-11-09 -
2024-12-10
a year crt.sh
file.io
R10
2024-08-10 -
2024-11-08
3 months crt.sh
*.google.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.doubleclick.net
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.google.ca
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
ad-delivery.net
WE1
2024-07-15 -
2024-10-13
3 months crt.sh
script.ac
E6
2024-08-21 -
2024-11-19
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
p.cpx.to
Amazon RSA 2048 M03
2024-04-24 -
2025-05-23
a year crt.sh
quantserve.com
R11
2024-08-23 -
2024-11-21
3 months crt.sh
pub.doubleverify.com
WE1
2024-08-02 -
2024-10-31
3 months crt.sh
i.clean.gg
WR3
2024-08-30 -
2024-11-28
3 months crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02
2023-12-25 -
2025-01-22
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
edkt.io
WR3
2024-08-03 -
2024-11-01
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2023-10-23 -
2024-10-22
a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-07-15 -
2025-08-15
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-10
a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
*.omnitagjs.com
Amazon RSA 2048 M02
2024-03-18 -
2025-04-17
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.a-mo.net
R11
2024-07-31 -
2024-10-29
3 months crt.sh
the-ozone-project.com
WE1
2024-08-16 -
2024-11-14
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
hadronid.net
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
id5-sync.com
WE1
2024-08-02 -
2024-10-31
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
id.hadron.ad.gt
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-04-24 -
2025-04-17
a year crt.sh
a.ad.gt
WE1
2024-08-07 -
2024-11-05
3 months crt.sh
oa.openxcdn.net
WR3
2024-07-18 -
2024-10-16
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-02 -
2024-11-28
3 months crt.sh
invstatic101.creativecdn.com
WR3
2024-08-17 -
2024-11-15
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
s.cpx.to
Amazon RSA 2048 M02
2024-04-24 -
2025-05-23
a year crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
*.eu-1-id5-sync.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2024-06-17 -
2025-07-19
a year crt.sh
adtrafficquality.google
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3
2023-11-09 -
2024-11-07
a year crt.sh
*.ad.gt
Amazon RSA 2048 M02
2024-03-10 -
2025-04-08
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2024-06-13 -
2025-07-14
a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-14 -
2025-07-15
a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-16 -
2025-07-16
a year crt.sh
pixels.ad.gt
WE1
2024-07-08 -
2024-10-06
3 months crt.sh
seg.ad.gt
WE1
2024-07-08 -
2024-10-06
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
outstreamedia.com
R11
2024-08-06 -
2024-11-04
3 months crt.sh
*.avplayer.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-16 -
2024-10-15
a year crt.sh
quantcount.com
R10
2024-08-06 -
2024-11-04
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
proton.ad.gt
WE1
2024-07-10 -
2024-10-08
3 months crt.sh
lexicon.33across.com
WR3
2024-07-11 -
2024-10-09
3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-02 -
2025-08-01
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-26 -
2024-11-20
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2024-04-08 -
2025-05-09
a year crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-09 -
2025-02-08
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-07-30 -
2025-01-22
6 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-16 -
2024-10-16
3 months crt.sh
pa.openx.net
WR3
2024-07-22 -
2024-10-20
3 months crt.sh
*.yellowblue.io
Amazon RSA 2048 M03
2024-03-18 -
2025-04-16
a year crt.sh
streamrail.com
Amazon RSA 2048 M03
2024-03-13 -
2025-04-11
a year crt.sh
track1.avplayer.com
ZeroSSL RSA Domain Secure Site CA
2024-08-21 -
2024-11-19
3 months crt.sh

This page contains 46 frames:

Primary Page: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Frame ID: 403F10D0F738F5A96476972CEC568D43
Requests: 220 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-KDJB5247JB&gacid=1052521603.1725415099&gtm=45je4930v9119119180za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1577434857
Frame ID: 37EE65AC76C1563F4D2212141D672376
Requests: 1 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 35F84D106FC28637BE5694985C16DB75
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-Ogury_rx_snb_smrt_n-adYouLike_n-sharethrough_pm-db5_rbd_n-Rise_3lift_n-Outbrain&dcc=t
Frame ID: 42CDA27404B05607B375735C77114FF2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 01FBB4B4BFE4CFD8462AF77C9FC7A807
Requests: 1 HTTP requests in this frame

Frame: https://20806bddc7e79fec8ae1f3f389cda6c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 303E99CC5982D8C4FE6F4969722A1591
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 51EFE9E0851D79D0CACD85E5FE07B162
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.7.js
Frame ID: A329F0AB51E3FB86C6579E4556A077AF
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.7.js
Frame ID: 9BC8D8488FAC17B6C79D7BBBDDABF500
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5787B3DCCD9467C332BBA05A3E173BA5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81F44DDFBC182D9FDF564A66CA0972F8
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.7.js
Frame ID: DD95957E96DD61C4FDF4B456870118D1
Requests: 4 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2289dd86e3-9d2c-4e52-ac5d-50c9c8660928%22%2c%22adomain%22%3a%22structube.com%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%22f195585e-4918-4d0d-ba8a-59a573ba987c%22%2c%22dsp%22%3a%2280%22%2c%22buyer%22%3a%22204598%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-8077188547423890240%22%7d
Frame ID: CFBDBD094B2EC16DF1C6EA686DA12FD1
Requests: 1 HTTP requests in this frame

Frame: https://content.quantcount.com/adchoices/adchoices.css
Frame ID: EE428C7C866F358C97E51440BCF11389
Requests: 8 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2251436081-8f40-4701-9062-00aa05e13a8f%22%2c%22adomain%22%3a%22voila.ca%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%222f445ebe-b4e5-49ca-91fa-9484cd9b1013%22%2c%22dsp%22%3a%2280%22%2c%22buyer%22%3a%22204445%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%228721827343437296165%22%7d
Frame ID: 47172D2FFB2C66EAAEED324DD4C0F804
Requests: 1 HTTP requests in this frame

Frame: https://content.quantcount.com/adchoices/adchoices.css
Frame ID: 517463182C27367539DE69B331D5C9E9
Requests: 9 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 84A2CFA2ECF8108D8D640772B0A6A00D
Requests: 1 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22e6f047cb-1e6c-495c-b4d4-5d0e4d3c33ad%22%2c%22adomain%22%3a%22voila.ca%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%22eec7f6f4-a4c0-4f42-81aa-dab7ccb8290f%22%2c%22dsp%22%3a%2280%22%2c%22buyer%22%3a%22204445%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%223350171386312118056%22%7d
Frame ID: 4658734184F67CDBC0B608FE37DC78D0
Requests: 1 HTTP requests in this frame

Frame: https://content.quantcount.com/adchoices/adchoices.css
Frame ID: 42FEAA85887B8C19C2ED625D21906F5F
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A755D7287ABBA545F490CD195C481E38
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: 4794D3F2315A91E48AC83FAECF883787
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: F292727460565B49E4B343FEA328AD2A
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=78c1e252-d468-42bc-b049-e4708031a075&publisherId=OZONEVEN0005&siteId=3500000651&cb=1725415101634&bidder=ozone
Frame ID: 01D78B8CDC43FA34BB0D39E416E34880
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CpQCSgt3d3cuZmlsZS5pb1ILYWFzLTUxZTZjYWNaCHBiYTEuMy40agt3d3cuZmlsZS5pb_oBBjguMzguMOgCAYgDvf3etgaoAynqAyQ3OTAwYmRjYy1kNGU2LTRiYWMtOTI1Yi0wMTY5MmZkZGU2MzSiBC5odHRwczovL3d3dy5maWxlLmlvL3o4VmEvZG93bmxvYWQvYmRqckhaZjdycVdOqgQDSVNQsgUDVVNE6gUHZGVza3RvcPoFA2FzaMAGAMgGAdIGIEExMjgxOTdBRjI3RjRBRkI5NEQ2MEY1QUJFODJCQUUwqgcDd2ViygcHZmlsZS5pb-AHAYIIB2ZpbGUuaW-KCAZjaHJvbWWZCAAAAAAACAAA
Frame ID: 6C6F67A03C1607CDC37F6845A947582E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0EF2FAA0A38A88F4EF866BC23ECB98D1
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: 4BB25362B55CAE83F2A0B12D5FBED63B
Requests: 16 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7372.245881CADREON/B31830695.399616786;dc_ver=101.296;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=2669637487;ord=892kz1;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-FzmKaBBs3r0sm%26labels%3D_qc.clk%2C_click.adserver.rtb%2C_click.rand.1913226156%26rtbip%3D192.184.73.138%26rtbdata2%3DEBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB4uWkoAy6ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAd2mhNabMtoBJDNhNTE2NjQ1LTkxY2YtNGE4ZS05NzkwLTJhMDgyYzgzYjI2ZbACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwjD7SgQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJyknltL5eRC8RExCbzYSU-pHIA5qAwBPYA6yHppAH4gMPcC1Gem1LYUJCczNyMHNt6gMGCKwCEPoB8gMJaDNoJTIwMGEx-AMAgASGDYoEBDExNzKaBBIJ5EimVZSqcW4R6gwc-NjCRoSiBBIJ60MSjTroZ_cRR_Nb4YudFaKqBBIJ60MSjTroZ_cRR_Nb4YudFaK4BKgB0AQg8gQCQ0GABQGKBSoyMDBmYTFkZDU2OTM2NjZiNWZhZmNkM2Y5ZjIzYzFkZTMxZDQxZjM2MWOQBQGaBRUgD6HdVpNma1-vzT-fI8HeMdQfNhyiBSRKUHk5X3czLXA2b003WnpCR2RDYXJpelcySzBsOHcyeVRxST24BQDABdT42e8IyAXkzagE0gUGCAIQAxgT4AUB6AUHmgYUChIJ5EimVZSqcW4R6gwc-NjCRoSgBgCoBo7C-xK1Bi8PBzi6Bj4KAkNBEgJRQxiuzAciCG1vbnRyZWFsKgloM2glMjAwYTE6G2FjZSUyMGRhdGElMjBjZW50ZXJzJTIwaW5jLskGN5A0Xavb6gXQBg7YBh7iBh9fZnAuZXZlbnQuUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYQaHR0cHM6Ly92b2lsYS5jYfEGATg0Xavb6gU%26redirecturl3%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN$0;xdt=0;crlt=M06yUEtDgK;cmpl=8;gcsr=m;stc=1;chaa=1;sttr=1122;prcl=s
Frame ID: 493A93D94B9B0101E5396987C06D7732
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7372.245881CADREON/B31830695.400049205;dc_ver=101.296;sz=160x600;u_sd=1;gdpr=0;nel=1;dc_adk=4262858381;ord=2phggw;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-FzmKaBBs3r0sm%26labels%3D_qc.clk%2C_click.adserver.rtb%2C_click.rand.257784727%26rtbip%3D192.184.73.166%26rtbdata2%3DEBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB0oiD7Q66ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAZmthNabMtoBJGJjMDA2OGI1LTlmOGEtNDczNS1iOGZjLWNlYmZlYTAyYzJmMrACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwiT4TQQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJQk_ApPT2x-4RDym4zLfaqoHIA5qAwBPYA5f39XriAw9wLUZ6bUthQkJzM3Iwc23qAwYIoAEQ2ATyAwloM2glMjAwYTH4AwCABIYNigQEMTE3MpoEEgnkSKZVlKpxbhHqDBz42MJGhKIEEgnrQxKNOuhn9xFH81vhi50VoqoEEgnrQxKNOuhn9xFH81vhi50VorgEqAHQBCDyBAJDQYAFAYoFKjIwMGZhMWRkNTY5MzY2NmI1ZmFmY2QzZjlmMjNjMWRlMzFkNDFmMzYxY5AFAZoFFSAPod1Wk2ZrX6_NP58jwd4x1B82HKIFJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPbgFAMAFl_f1esgF5M2oBNIFBggCEAQYI-gFB5oGFAoSCeRIplWUqnFuEeoMHPjYwkaEoAYAqAbKyPsStQboDwc4ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBkIQN5mu2-oF0AYO2AYe4gYfX2ZwLmV2ZW50LlB1cmNoYXNlIENvbmZpcm1hdGlvbuoGEGh0dHBzOi8vdm9pbGEuY2HxBgOANpmu2-oF%26redirecturl3%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN$0;xdt=0;crlt=M06yUEtDgK;cmpl=8;gcsr=m;stc=1;chaa=1;sttr=1196;prcl=s
Frame ID: 25A67334C0A59582C05CA33D2D0FB331
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Frame ID: 397D1FBBEB76CAC40647A4BBE4EAA989
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=e42ffa6c5ccb4f87abffd2e3f2af7412&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: EB420C17E9871B92DC90009C4263528B
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 697267BA69C30AD3C55EAB226B3D371D
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=18&key=JRd2ALZHibusND0NQjeMEK8z
Frame ID: 4967E23ADDF3915BFDD9351C079F7461
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D1%26key%3D
Frame ID: 05F85085DA3F86016A7F9819AF818FA0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 7376F0C237F1C47D72FECE8BEA7446A3
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Frame ID: 9423CF4BCF00D86D9EB48F70F7BBBC65
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Frame ID: 2790FB5924F78A517DB28E4CF1832A0B
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqjwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9NjcyMzExYWYtY2I5ZC00YmE4LWE2ZDUtMmIzY2ZiODZkMmM4JmJpZGRlcm5hbWU9NTIma2V5PXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICBhs4AQ==%26buyeruid%3D
Frame ID: 7637533DC1807A1A0C4D79C724CFC08B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=62&key=de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
Frame ID: 68D4E1C1B796063DFE7A3E422CC1DC56
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&gdpr=0&gdpr_consent=&ccpa=1---&key=bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
Frame ID: 585B469D754533DB1310A34FE1AEFB67
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=23&key=41755e72-01b9-4904-93c2-c49f72d86307
Frame ID: 13747A626D453ACFE41C2CE65607BD89
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: B5A64737FBD36CD934E737E263047316
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=55&key=3886628682223636672
Frame ID: 0AA3CE1870EDD5D47BC531F00CC96302
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=200&key=OPTOUT
Frame ID: DFDD88220DF99629037A250052FA7FE3
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 962A655C9C87B54870DDB5D6502A3210
Requests: 1 HTTP requests in this frame

Frame: https://sdk.streamrail.com/cs-config/cs.html?org=5fa94677b2db6a00015b22a9&tc=5fcca73e13fd9b000100aa2e&as=5fcca73e13fd9b000100aa30&type=hb&wd=cs.yellowblue.io&domain=file.io
Frame ID: 5994F3316E43E1DBC42875B88835ADC1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335&us_privacy=1---
Frame ID: F3EA714F8C79FE676D880EB0FBDFD002
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Download | file.io

Page URL History Show full URLs

  1. https://file.io/bdjrHZf7rqWN HTTP 302
    https://www.file.io/z8Va/download/bdjrHZf7rqWN Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

314
Requests

92 %
HTTPS

31 %
IPv6

68
Domains

131
Subdomains

99
IPs

5
Countries

3392 kB
Transfer

13624 kB
Size

311
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file.io/bdjrHZf7rqWN HTTP 302
    https://www.file.io/z8Va/download/bdjrHZf7rqWN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-Ogury_rx_snb_smrt_n-adYouLike_n-sharethrough_pm-db5_rbd_n-Rise_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-Ogury_rx_snb_smrt_n-adYouLike_n-sharethrough_pm-db5_rbd_n-Rise_3lift_n-Outbrain&dcc=t
Request Chain 99
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001725415102-I0C8NFXP-V137&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001725415102-I0C8NFXP-V137&adnxs_id=3886628682223636672&gdpr=0
Request Chain 100
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001725415102-I0C8NFXP-V137&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=77c79248-d765-4dff-b399-d5cbd1628181&id=AU1D-0100-001725415102-I0C8NFXP-V137
Request Chain 101
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001725415102-I0C8NFXP-V137 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001725415102-I0C8NFXP-V137 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=7A25AC93-1E74-489E-BD48-53BB2C0A1325&id=AU1D-0100-001725415102-I0C8NFXP-V137
Request Chain 103
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001725415102-I0C8NFXP-V137&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001725415102-I0C8NFXP-V137%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001725415102-I0C8NFXP-V137&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001725415102-I0C8NFXP-V137%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c4fd3250-5065-4ae6-949f-ad6b7e8ca640%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001725415102-I0C8NFXP-V137%252526tapad_id%25253Dc4fd3250-5065-4ae6-949f-ad6b7e8ca640%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=77c79248-d765-4dff-b399-d5cbd1628181&ttd_puid=c4fd3250-5065-4ae6-949f-ad6b7e8ca640%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001725415102-I0C8NFXP-V137%2526tapad_id%253Dc4fd3250-5065-4ae6-949f-ad6b7e8ca640%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&tapad_id=c4fd3250-5065-4ae6-949f-ad6b7e8ca640
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001725415102-I0C8NFXP-V137 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&google_gid=CAESECKDX06NinPkZAYhSIPh-cc&google_cver=1&google_ula=450542624,0
Request Chain 105
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001725415102-I0C8NFXP-V137 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNTQxNTEwMi1JMEM4TkZYUC1WMTM3
Request Chain 106
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001725415102-I0C8NFXP-V137%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&sas_uid=8452238319077029474
Request Chain 107
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001725415102-I0C8NFXP-V137 HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=3B6Ob4F8FxAa&ev=1&pid=562316&id=AU1D-0100-001725415102-I0C8NFXP-V137
Request Chain 119
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 139
  • https://id5-sync.com/i/258/8.gif?o=api&id5id=ID5*vhd50q9VkZyePvc95TO7nX1ZHH8xfxRVOfvL4kATCgHBZdrTpc4cevpFNTD4W24j&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/258/112/7/2.gif?puid=861FAF6A7DB563C0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/258/441/6/3.gif?puid=u_b8108f60-3c8e-42dd-84d9-a9313156dad1&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/258/429/5/4.gif?puid=7A25AC93-1E74-489E-BD48-53BB2C0A1325&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/258/2/4/5.gif?puid=3886628682223636672&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/258/434/3/6.gif?puid=f794a070-cdec-495b-b74c-6c653d5a4298&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=77c79248-d765-4dff-b399-d5cbd1628181&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/258/108/1/8.gif?puid=c4fd3250-5065-4ae6-949f-ad6b7e8ca640&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODYxRkFGNkE3REI1NjNDMA%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-1c1cICHZLRFKv4xqR_Ms8i1Uzr4LXOS2j4NTz2dCsA HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOD0cB0-COdDcj4FlQRgDpE&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-1c1cICHZLRFKv4xqR_Ms8i1Uzr4LXOS2j4NTz2dCsA&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Request Chain 140
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters HTTP 302
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M0N7LPTA-13-KP8J&customParamenters=
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESEC1oiBe0BaEGjftJq4Ml2ZM&dsp=dbm&google_cver=1
Request Chain 142
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fwww.file.io%252Fz8Va%252Fdownload%252FbdjrHZf7rqWN%26hn_ver%3D78%26fid%3D10b0758b-fd9f-4910-9618-50c5fd90b4cd%26dsp%3Dpub_common%26dsp_uid%3Da6e95981-e7b0-4b51-8697-d6a250e6a6ec%26dsp%3DTTD%26dsp_uid%3D77c79248-d765-4dff-b399-d5cbd1628181 HTTP 302
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3886628682223636672&pid=13058&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&hn_ver=78&fid=10b0758b-fd9f-4910-9618-50c5fd90b4cd&dsp=pub_common&dsp_uid=a6e95981-e7b0-4b51-8697-d6a250e6a6ec&dsp=TTD&dsp_uid=77c79248-d765-4dff-b399-d5cbd1628181
Request Chain 143
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7A25AC93-1E74-489E-BD48-53BB2C0A1325
Request Chain 188
  • https://exch.quantcount.com/pixel/p-UqX1PsUJcNgVs.gif?iid=426394643856496641&labels=_qc.extra_user_agent&platform=&platformVersion=&model= HTTP 302
  • https://pixel-ssn.quantcount.com/pixel/p-UqX1PsUJcNgVs.gif?iid=426394643856496641&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=943fadb2-935b-4e6e-a5ab-7f0d199c90d9
Request Chain 190
  • https://exch.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394643789527041&labels=_qc.extra_user_agent&platform=&platformVersion=&model= HTTP 302
  • https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394643789527041&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a493b77c-11bb-4f3f-97e3-926c0129d5f3
Request Chain 194
  • https://exch.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394657681211395&labels=_qc.extra_user_agent&platform=&platformVersion=&model= HTTP 302
  • https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394657681211395&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=267f7780-6728-409d-a65b-25493d178297
Request Chain 202
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&pbt=1&lsw=1&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mzHOG3xWV2pvdmNDRkZUNUJIOXNORk5abDROYzRveTBiSkg1aVhOdFNuVWtyRlE5RlJxamVmRDd3eS9pWC9xSmZCc1NJZm94dTFDc3hvNUxvWFBHdktBcmVNSkIzbGhEeWRRK3NpcDBkR3lIaWw3eVlUTXcycThZanBoWCtlMlVvbHFWSDIraXRjYWREbXY3V3JiSWZjZFozNERtU1huOE1MczVFUHV5ZjFkWis4dkh2c3VCNFJoSmdaN25HTFhOQnc5ZFVhUGs4OUs1WFgrVmlOemZzZElvZWU4dGNCeVNsSTRTb0NqM3lrbEZseFhncW1jNVNiRTIyUGRlUGM2b09EVGs0fA&cppv=2
Request Chain 215
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough HTTP 302
  • https://eexsync.com/ztgl358.gif?gdpr=0&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqgAFodHRwczovL21hdGNoLnNoYXJldGhyb3VnaC5jb20vc3luYy92MT9zb3VyY2VfaWQ9N3JrSkFoUENXWGJ3OUxxNWRaeGM2VHZOJnNvdXJjZV91c2VyX2lkPXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICJgw4AQ== HTTP 302
  • https://ssp.disqus.com/match?bidder=38&buyeruid=8182a99be799a82884b755894bd168cc4c93b699548a7226e063323cbf22e68c&r=Cid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqgAFodHRwczovL21hdGNoLnNoYXJldGhyb3VnaC5jb20vc3luYy92MT9zb3VyY2VfaWQ9N3JrSkFoUENXWGJ3OUxxNWRaeGM2VHZOJnNvdXJjZV91c2VyX2lkPXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICJgw4AQ== HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-6470fd47-4053-32e8-8003-3b36234e61b5&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqgAFodHRwczovL21hdGNoLnNoYXJldGhyb3VnaC5jb20vc3luYy92MT9zb3VyY2VfaWQ9N3JrSkFoUENXWGJ3OUxxNWRaeGM2VHZOJnNvdXJjZV91c2VyX2lkPXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICJgw4Ag== HTTP 302
  • https://ssp.disqus.com/match?bidder=12&buyeruid=JRd2ALZHibusND0NQjeMEK8z&r=Cid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqgAFodHRwczovL21hdGNoLnNoYXJldGhyb3VnaC5jb20vc3luYy92MT9zb3VyY2VfaWQ9N3JrSkFoUENXWGJ3OUxxNWRaeGM2VHZOJnNvdXJjZV91c2VyX2lkPXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICJgw4Ag== HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-6470fd47-4053-32e8-8003-3b36234e61b5
Request Chain 217
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=77c79248-d765-4dff-b399-d5cbd1628181&gdpr=0&gdpr_consent=
Request Chain 218
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212774289754996
Request Chain 261
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=0&_fw_gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=e42ffa6c5ccb4f87abffd2e3f2af7412&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 263
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=18&key=JRd2ALZHibusND0NQjeMEK8z
Request Chain 265
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 268
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqjwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9NjcyMzExYWYtY2I5ZC00YmE4LWE2ZDUtMmIzY2ZiODZkMmM4JmJpZGRlcm5hbWU9NTIma2V5PXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICBhs4AQ==%26buyeruid%3D
Request Chain 269
  • https://cs.krushmedia.com/c517e991b368016fcb5125d653c3e1e6.gif?puid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D62%26key%3D%5BUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=62&key=de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
Request Chain 270
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=136&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D215%26auid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26gdpr%3D0%26gdpr_consent%3D%26ccpa%3D1---%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&gdpr=0&gdpr_consent=&ccpa=1---&key=bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
Request Chain 271
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D23%26key%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=23&key=41755e72-01b9-4904-93c2-c49f72d86307
Request Chain 273
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=55&key=3886628682223636672
Request Chain 274
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=200&key=OPTOUT
Request Chain 276
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=24&pid=59c9148628a0612da3689288&key=
Request Chain 307
  • https://ads.stickyadstv.com/auto-user-sync?gpp=&gpp_sid[]=-1 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=740efe7b1ee2d3fc8a0a2451e74c37&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo1d96_7410602575474309439&gdpr=&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/740efe7b1ee2d3fc8a0a2451e74c37?gdpr=&gdpr_consent=&gdpr=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-VSe9RnJE2oOfBtqsvhJ9Pi_tUkhONylUQVfnsNPt~A HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AADRek7Nr34AAErCwcu_lA&dataProviderId=817 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzQwZWZlN2IxZWUyZDNmYzhhMGEyNDUxZTc0YzM3&gdpr=&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPAxeDZna5pOfDGaYIorCTM&google_cver=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=null&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=77c79248-d765-4dff-b399-d5cbd1628181&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=3886628682223636672&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=2064016820420942736696 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=YtvIWxpk1SLFhU5 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1592%26userId%3D%23PMUID

314 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request bdjrHZf7rqWN
www.file.io/z8Va/download/
Redirect Chain
  • https://file.io/bdjrHZf7rqWN
  • https://www.file.io/z8Va/download/bdjrHZf7rqWN
373 KB
49 KB
Document
General
Full URL
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93a57aba9610c7dbf929c7978f9529890c32c01982d90ae75c6445c9a3e0fa58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html
date
Wed, 04 Sep 2024 01:58:18 GMT
etag
W/"b14b83ba0436ba886b73df37bb6eab3e"
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-cf-id
nOM1EHmKm0pAdfHkIMrYDgGM5g85u_5HyQ9mRKGbnx5tLvJYdCW63Q==
x-amz-cf-pop
JFK52-P5
x-amz-id-2
k72j0KfAvX49pfHjBBt+2b8Y1uuto95+xuVJu9tUqDuYCJjgsW2g88nO8sU7/EyflIO62kx43Iye8bQE7bOyOA==
x-amz-request-id
7VNDYERXBEBHXRW4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
Connection
keep-alive
Content-Length
136
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Sep 2024 01:58:17 GMT
Location
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Retry-After
1
Strict-Transport-Security
max-age=15724800; includeSubDomains
Vary
Accept
X-RateLimit-Limit
1
X-RateLimit-Remaining
7
X-RateLimit-Reset
2024-09-04T01:58:18.417Z
ad-manager.min.js
hb.vntsm.com/v3/live/
143 KB
40 KB
Script
General
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0f5ab90936dc5f59822ea4131926f16dc85aede391185c179375ed024bb89083
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
1773
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ip
166.0.205.70
geo-sub
QC
x-amz-id-2
9FKmxm9fPWA0gXiWYse07gYqNZAXceOm3Ns5LnNRnvex3apRE0TeFk4S11z1q7jEr8pafRyqvJk=
x-served-by
cache-dub4322-DUB, cache-yul1970023-YUL
content-length
40713
last-modified
Thu, 22 Aug 2024 15:07:54 GMT
x-timer
S1725415098.383977,VS0,VE0
etag
"5bca03574c4a01111c82a17c56920e80"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo
CA
x-cache-hits
15, 6
js
www.googletagmanager.com/gtag/
288 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfde1ec17e3065d6afb1e936c777877fc9fe4ef18952cce7d1bcb102c8b49f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101083
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 01:58:18 GMT
app-ce1c3df6a1080a0c9f36.js
www.file.io/
759 KB
173 KB
Script
General
Full URL
https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26501a1ea54927eb684a57374525d72bb7112e5036a8f73dfb9890a34fb08871

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 10:34:14 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
44VA4BJG4CSTX095
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
21655445
x-cache
Hit from cloudfront
x-amz-id-2
abGnmd0I1VhPWTDT48bU604G4Lx/NJN31iN42sOWkgXdbzZenSQRIDJiZNRGa/zgNDvFNgQr0Q8=
last-modified
Tue, 21 Nov 2023 16:38:06 GMT
server
AmazonS3
etag
W/"ee554025a765570fd938eaf7853e81ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
IDWI4S5OseRRvUKPTK5bBJDTr8w7LvpgWt-ePyXiPVsVmFr2Us11Pw==
0eceb729-3d23d92b83ca9772b679.js
www.file.io/
12 KB
2 KB
Script
General
Full URL
https://www.file.io/0eceb729-3d23d92b83ca9772b679.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:13:18 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
ZP20CRB81B62BW3M
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
21480300
x-cache
Hit from cloudfront
x-amz-id-2
ko55a+QlOsat9omVQJK0Sg6p0IdAcWZi9gYqQTfxfKpfMuYzAYiWRV8wbms85I/biLqdaad9W3o=
last-modified
Tue, 21 Nov 2023 16:38:01 GMT
server
AmazonS3
etag
W/"0a3f35f6211feffe573a08f983c2a35a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
sYLNj5l0DYAYQVP01tz5_1xdbAbEKefw9ksxfg0t5HLXRVTWnjlW5g==
d6a9949e-c7fb26743b3df7c3d4f3.js
www.file.io/
48 KB
6 KB
Script
General
Full URL
https://www.file.io/d6a9949e-c7fb26743b3df7c3d4f3.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:38:38 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
W1DM2687ZHME3GH1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
24830380
x-cache
Hit from cloudfront
x-amz-id-2
gTt+B0osSQqw/5q+otDs44vRMLZ2mWoE3aWLvlHIDyZg0QvqRgRuxMUwpx6jQPZO2C/BxFJAh8kPZySlcyxj7g==
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
etag
W/"8be798e491d64c90fb2668c241136d27"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Elx0FBMOtByif5xHB-rmOq-L7BBVfwphHdG2ck2XCN5LeXOInc1dRg==
e82996df-418a0be62c8cbbb8c8af.js
www.file.io/
51 KB
15 KB
Script
General
Full URL
https://www.file.io/e82996df-418a0be62c8cbbb8c8af.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Apr 2024 18:17:28 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
WCBX8D8Z0YPBQ1ZN
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
12296451
x-cache
Hit from cloudfront
x-amz-id-2
Tzsf7rENXnJSBuWY8Od8YTsfhpN4uRIOiucIoR8M89ZJPWCtyVdVuoWmlBr5Fx/eIUX/pqg+kNk=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"41f1589b5b330e89885e93dcec06328c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
nupi6kPq6vvo_oblt6M4NEbHEfbG645jVKKNV97U7VHK-yBQFNbtjg==
framework-2e81d87b28ccd7c06c04.js
www.file.io/
145 KB
42 KB
Script
General
Full URL
https://www.file.io/framework-2e81d87b28ccd7c06c04.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 05:31:46 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
VZSVTRBBWBPSPDA8
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
22191992
x-cache
Hit from cloudfront
x-amz-id-2
936UD7uNrzoZj95sY0I5jl3hPqom9bYjlg2d0Bbw4AVgSeeNCSkTirXbWmx577COrz/J6cZpnDo=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"d57e42a527da656114d580605cefa13e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
mckKY79Eh8830PPQEiL9ermjMNurgQcXEa6b-PnZ3lyikcSR9aNOpg==
webpack-runtime-71df933e5e48a5ef88ea.js
www.file.io/
9 KB
5 KB
Script
General
Full URL
https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d37e09a9d86650a49b5dc628252f6d2f8cdde7aaf663a360a26ab64dc8d3e5cf

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 04:25:19 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
R6MPW0560G47MGSS
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
1200780
x-cache
Hit from cloudfront
x-amz-id-2
ZEP+gMFE5nD9JhcKj0s9mMeoTsqaYHWdRBIMIcUsxIa6hswRaM2gw64T5GmQSS5Ro62sRF16NA8=
last-modified
Tue, 21 Nov 2023 16:38:15 GMT
server
AmazonS3
etag
W/"7cfe5fe97ffcc13e6e9a15122f587d3e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
682tMtzlgkxyW1KUnTNrSmWV44HSji1DHV5N4ZlHriyMSgkrPUdowA==
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/
35 KB
6 KB
XHR
General
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0dd2eb2fd53d941dfbb4171c5f16cf0869dd730efe32db8b9f60fbd79826a54
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
x-ip
166.0.205.70
geo-sub
QC
x-amz-id-2
pReVXOGRgVzhVtYO3i7UaDQyWdWrUR/ACaReGVh8wicFCn6MZUHRTjNSDRW5O/1nmYUVKjZAyJaANYvqnTybwg==
x-served-by
cache-dub4360-DUB, cache-yul1970040-YUL
content-length
5226
last-modified
Thu, 01 Aug 2024 11:49:46 GMT
x-timer
S1725415099.680532,VS0,VE80
etag
"22716f99a762a5ef1872b7638f4ffd31"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo
CA
x-cache-hits
213, 0
app-data.json
www.file.io/page-data/
50 B
543 B
XHR
General
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
003ebef3df0e3f053e8c9535b204beb9ed81b8d47dbad9d0551490c5ba754149

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 08:48:12 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
SNGT0B90J8RAK8DJ
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
61807
x-cache
Hit from cloudfront
content-length
50
x-amz-id-2
SDdOjcUiLtz8zkJtow1wE+e4XKMJStsHePPO63Q8ojtM6Q6fpK/nLlRW+W6iGLYSb18sR0E6uTQ=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"6b7f5842f65c183f487bba9ca61c4677"
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
vnwk8mhom3slE3QmgCGPMzFgAQb5Auc5-n--Z_joR2Fq2BzM22Hiww==
page-data.json
www.file.io/page-data/downloadStopGap/
208 B
720 B
XHR
General
Full URL
https://www.file.io/page-data/downloadStopGap/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:39:43 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
Y4A12EEKWJ20EGSR
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
40716
x-cache
Hit from cloudfront
content-length
208
x-amz-id-2
AbkQrQYcx0vTH+ZH3rwqzNXiMzYg5jCw7jswf7MsVTBZHB442EWzPeQPJ9vtAWp9W5OqIcG0wEE=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"a2bc2e30a9725de62058caf12cd11a0e"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
cwNFIG0LRfeHpg49msMkV715grwpokyVoSiq7EpBDPQuddxdDO0zYg==
js
www.googletagmanager.com/gtag/
208 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65658019-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7adbd038cda471b0a2f2419e19b3818c76641fa788d1bd780acc969bcc183c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76571
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 01:58:18 GMT
content.html
hb.vntsm.io/
32 B
665 B
Fetch
General
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:19 GMT
cf-cache-status
HIT
x-amz-request-id
0EEPXHNSA9C5SWCH
age
887
content-length
32
x-amz-id-2
t33s3Ub3CKXGYDv2vn/p88qUPQ1cy+KPUADD1YHJlQtbOjKGzk6xXBnU4Av9DqWvgph7E7NRZ9Q=
geo
CA
geo-subdivision
CA-QC
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bda5fb0ac30a24c-YYZ
g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/
0
0
Fetch
General
Full URL
https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:19 GMT
Via
1.1 varnish, 1.1 varnish
Venatus-CDN-HB-Rule-Version
1.1
Strict-Transport-Security
max-age=300
Age
5211
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
X-IP
166.0.205.70
Content-Length
0
x-amz-id-2
kedB3dVBS9tPLzkX+qwonFXo5B4lE1f8qNroH1kzocER5wgsQsJld9sG1istJt15jqnTFS5JzBQ=
X-Served-By
cache-dub4355-DUB, cache-yul1970044-YUL
Geo-Sub
QC
Last-Modified
Tue, 02 Apr 2024 15:20:36 GMT
X-Timer
S1725415099.052155,VS0,VE0
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Geo
CA
X-Cache-Hits
57, 225
c16184b3-95b4c1d4f88fa26cbedb.js
www.file.io/
12 KB
5 KB
Script
General
Full URL
https://www.file.io/c16184b3-95b4c1d4f88fa26cbedb.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17712c90e8473e3a5c2f70a4399e79ba0687d7be77d3aa642870f27a1c13da94

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:38:39 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
ZTM28XBK127WQX6G
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
24830380
x-cache
Hit from cloudfront
x-amz-id-2
VWbyMvjcMqfHA4EdcQeu78eXI3Zse5ajXEYeHScA6S6tLeUjOeEgsIZIYvcCTorWPKprzXHIUHw=
last-modified
Tue, 21 Nov 2023 16:38:06 GMT
server
AmazonS3
etag
W/"99a1550c7fd59aef33e8474b7e4d41c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
q0SxJAwplGzxYvIVybiUI6StbtqbMBs5FXSGQlKEtJPkZVFpMalHmQ==
2cca2479-b6c05be52437560faaee.js
www.file.io/
4 KB
2 KB
Script
General
Full URL
https://www.file.io/2cca2479-b6c05be52437560faaee.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3148b503996601811f2abcc09d7309d321d02d144c93243b4b914c00b36d87d7

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:02:40 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
D96K0A13CPANHQ4R
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
21484539
x-cache
Hit from cloudfront
x-amz-id-2
+jXmsHIYCLCoQe096jt5/NzbnanJFWZ+Ev+jVqFR5deetQV06rcv1TpAyjBY2WDZsuamLTA9WcY=
last-modified
Tue, 21 Nov 2023 16:38:02 GMT
server
AmazonS3
etag
W/"6cd7fa0413645d437f12b65c8ca4d4bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
YbLjE9rIRBA3h9oG9tNn_PJLgboPFZeT08OGu1NALBdgVBjl1c8RyQ==
7ae2231b1295f47744064cafef681eeeabdf28c4-015e1d1647a984681642.js
www.file.io/
117 KB
66 KB
Script
General
Full URL
https://www.file.io/7ae2231b1295f47744064cafef681eeeabdf28c4-015e1d1647a984681642.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9d0a668bbfb705e317d51bfaabf290c28cca253877bc8ca0885af764860c945

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:38:39 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
ZTM73K4NMTMD4Z19
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
24830380
x-cache
Hit from cloudfront
x-amz-id-2
Eu8fbE1VMIsIMwxRdlvFr70bcGfqKn40Js6vf6ll60vn+Xt3Gs3FikhxkyTHp1f3FJSyOVdNTE8=
last-modified
Tue, 21 Nov 2023 16:38:02 GMT
server
AmazonS3
etag
W/"1d960a13eec23d962cec4d1fb874ad24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
OsQvVnCeRmBUPOEt4y53XN5dqcj7TJiYq0zCNxplsf0Q6GjBMZYyOg==
d586fea45c8a80d9eaecf1d04f964b1ca23e203e-2e7296bc1aadb7b4e547.js
www.file.io/
21 KB
9 KB
Script
General
Full URL
https://www.file.io/d586fea45c8a80d9eaecf1d04f964b1ca23e203e-2e7296bc1aadb7b4e547.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc77dc77f2acb1d2781f3d6a45131816596a2f47f90eb52bbbda7ff6dc22697a

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 05:31:47 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
NXKJ4P1W13MGWTQ7
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
22191992
x-cache
Hit from cloudfront
x-amz-id-2
zQ28OkXsByiwn2ytTZhf46YLMi+VSh0lxIEhxHY+t1hU61sbrJf3Sm8nmxBr935fVmloDzgS7JyyFsWNCgRxkPDklj1i2EC+MyjDJxQbr24=
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
etag
W/"22cfddc9a580e0d98dc0542be850ee73"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
u-INrUW7ukF0mbFPYsCRX0KRZGFsJ3m7EtIze5VEOzP9hPONiB3mIg==
71836864b7a2066d7d874ab5eea3f7769b0144c3-ebc51d1e381ba863cf3d.js
www.file.io/
24 KB
8 KB
Script
General
Full URL
https://www.file.io/71836864b7a2066d7d874ab5eea3f7769b0144c3-ebc51d1e381ba863cf3d.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9aff67207c751e2410d82062275cbbce494d88e6a054b36eeb65fea942b92244

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 06:29:18 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
J3A5TCRKCPCT4BWV
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
21410941
x-cache
Hit from cloudfront
x-amz-id-2
XXNrJWdaX14UDARGQOPKJ3+wCJQrfxiqoTIqzxBIpIoG7lx8cZMYHAJfCTyw21esuHNxXKFTOFg=
last-modified
Tue, 21 Nov 2023 16:38:02 GMT
server
AmazonS3
etag
W/"fd22536429ef564a589e257edba4bb43"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
itOS_xmTyi8dpSCdCTNVVCNaSN5zNzWC8AIhRfVKoDIfbfH5hcodaw==
ed516ccec82792e61eba5551e335b957b2d7d02c-a82720e411859fecd019.js
www.file.io/
44 KB
14 KB
Script
General
Full URL
https://www.file.io/ed516ccec82792e61eba5551e335b957b2d7d02c-a82720e411859fecd019.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41cee572622e55c51a0229bd489312e2b9bcc0ac84d8001f4527d2cfc9700fb7

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 04:51:55 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
1KG2AH7YDDD30YDK
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
2840784
x-cache
Hit from cloudfront
x-amz-id-2
wfGWVTv2S9JaFSNHoKLHhzP1IxHgXkrewIDcZKl2YmrUR0f4MDK7FD4MqZgCGmPcrKJZoqwYUrZJ6wBATUVAhh3pAlrtguNjr1UzKFg59Ds=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"96772a03733ad2ba49633ced27df9c55"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
XWOk7eOmxDT_j1fNsMhnv4VZPLteGFNhtCWY8QOtPeXq4DTvYLRE2g==
e98b170d240584cc273f592e36a9137245db2ee9-cd7fe7c06c1b5b4a3f14.js
www.file.io/
76 KB
23 KB
Script
General
Full URL
https://www.file.io/e98b170d240584cc273f592e36a9137245db2ee9-cd7fe7c06c1b5b4a3f14.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62e078598c7c6f18e612a42a47e3daa3d56ee6825cf9ffcd1111f144b9b1a00a

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 12 May 2024 06:15:00 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
BR30FMYQ3HGFP9V0
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
9920599
x-cache
Hit from cloudfront
x-amz-id-2
F06A0UmQc8deMOdVvikFi87IaXbEJQgZH7y54AshZwDvWU0JlucfAr6l2X3OkoUCFJFfRdnsRMU=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"6fc5a2a249a3590c4d95bddef5750e19"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
W3s62gAkl0RQ1Ta1JW_1R4uYd_ziTgr8IYBFDkp8BkC7sfTm2VZjVQ==
03f9af1d91ffaa672a221f7c6442c75365c47a72-67f8c2204fcb87f4fd41.js
www.file.io/
14 KB
4 KB
Script
General
Full URL
https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-67f8c2204fcb87f4fd41.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16dc6c08d1383ce96476fb0b651b79fbe89529d601bead76f00321c7d021104e

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 13:47:28 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
Q2B6BB51QXER9BV3
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
7387851
x-cache
Hit from cloudfront
x-amz-id-2
McwUSsMvoRiz0lMkb43Bn9qm6YVHrX2bHRRjQcwsUtQobBkexMjTkJQmsQsW+aGe82OT1gj7tIA=
last-modified
Tue, 21 Nov 2023 16:38:01 GMT
server
AmazonS3
etag
W/"fe794b04548676b5edd051217791b3d5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
dNLnID2f9SZuAgzj37qSOcDGe1Q6QzemdLY0GM5YkuZJHEaigN5Zag==
component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
www.file.io/
484 B
982 B
Script
General
Full URL
https://www.file.io/component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 09:23:02 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
K0NSSKQKR26F5ZFH
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
20882117
x-cache
Hit from cloudfront
content-length
484
x-amz-id-2
8NlESvJysDv8ObsrB+flxE7Y74ScNnXWzxw5nIPzJVDSVj2wKRasderExQJRF5o26Eji1Gv9U4w=
last-modified
Tue, 21 Nov 2023 16:38:07 GMT
server
AmazonS3
etag
"9525d851171232c1012a3a1b9795a681"
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RQQlI7sKGkQKQDr8pZQY9IQ5qgKLtjYNOL7JZKBzXj3pPPUMe-ibaQ==
1655680770.json
www.file.io/page-data/sq/d/
447 B
962 B
XHR
General
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 11:55:06 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
W3PVV3YTB29084Q6
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
50593
x-cache
Hit from cloudfront
content-length
447
x-amz-id-2
KU8iPnM9zheuJO1p21+PDpnkMJD1ZGgrrH2QRkZQBgptisUB5jWpdc5C+N1QpQfY2Txy0NTxDV8=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"c839c57483bd5d788408e7fc88e7cc8d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
K9uxFOhvXuXZqUXAYNFpIKNuWWui5zke0hB6N84zIFBWOcDV3jSjHw==
1810866655.json
www.file.io/page-data/sq/d/
2 KB
892 B
XHR
General
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:49:23 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
37P6ZYS5XRQAH50D
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
76136
x-cache
Hit from cloudfront
x-amz-id-2
4MB7H+fEA312SSWFKDizA3SPJcR+afvRXH7dO0oBsjxjQpB+3t4FQzCKRBu4YjTmj75LHRjTXLY=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
-wjQ-HwFNv1tmNky3yhJ0g-wLLMwwYCBnQAuhxc2tGUoHYvq87TAZw==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65658019-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Sep 2024 00:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 04 Sep 2024 02:06:04 GMT
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/
317 KB
318 KB
Font
General
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Origin
https://www.file.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 11:43:38 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
AYHKR8GE22ZH0QJ4
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
21478482
x-cache
Hit from cloudfront
content-length
324864
x-amz-id-2
9blKZBczbMNARjkFp+AOKEYL63clwZ181UFAmIN2EyoXJJ6aiFzlY3D+Gc0oddmkmmyWS6VBUVg=
last-modified
Tue, 21 Nov 2023 16:38:14 GMT
server
AmazonS3
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QUmyEL8bPCRrfTgSz7sRqJOp0x59hxzZcMG-Ctqs7rmsnbyGwVPvfA==
ad-manager-bundle.min.js
hb.vntsm.com/ab/live/fatum/
1 MB
328 KB
Script
General
Full URL
https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
252858d4a1efc7b1bf67aa25eae99ff7a596aaea10a9bc48436eae6e134f9bbe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
1768
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ip
166.0.205.70
geo-sub
QC
x-amz-id-2
TmS3hajfblBU3O7YE6U+IbUih9YHkPbKwDrpeOFeGzSMyQzjSu5/yuRGJUrVae3Zx0aSSCfGh2M=
x-served-by
cache-dub4360-DUB, cache-yul1970023-YUL
content-length
335020
last-modified
Thu, 22 Aug 2024 13:25:08 GMT
x-timer
S1725415099.400052,VS0,VE2
etag
"3ce2eb93cfa8a054da66bddcf382ff85"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
x-geo
CA
x-cache-hits
7, 1
metadata
file.io/bdjrHZf7rqWN/
519 B
1 KB
XHR
General
Full URL
https://file.io/bdjrHZf7rqWN/metadata
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.55.107.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
0a491d1fe7b43a39c4f30af0ad22f827d724dc7b322c40e4c946b1e874f374bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:19 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
ETag
W/"207-JVc/x71A+P9vk12xbW1aG+U/c7k"
X-RateLimit-Remaining
7
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,PATCH,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
X-RateLimit-Reset
2024-09-04T01:58:20.690Z
X-RateLimit-Limit
1
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
Content-Length
519
Retry-After
1
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KDJB5247JB&gtm=45je4930v9119119180za200&_p=1725415098147&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1052521603.1725415099&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dp=%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&sid=1725415099&sct=1&seg=0&dl=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&dt=Download%20%7C%20file.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=false&tfd=2313
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDJB5247JB&cid=1052521603.1725415099&gtm=45je4930v9119119180za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 37EE
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-KDJB5247JB&gacid=1052521603.1725415099&gtm=45je4930v9119119180za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1577434857
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 01:58:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDJB5247JB&cid=1052521603.1725415099&gtm=45je4930v9119119180za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=342451592
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
141 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=88652760&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&ul=en-ca&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1212562171&gjid=1517659950&cid=1052521603.1725415099&tid=UA-65658019-1&_gid=875104092.1725415099&_r=1&gtm=457e4930z89119119180za200zb9119119180&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=1233059202
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=88652760&t=pageview&_s=2&dl=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&dp=%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&ul=en-ca&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1052521603.1725415099&tid=UA-65658019-1&_gid=875104092.1725415099&gtm=457e4930za200zb9119119180&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=1442244691
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 22:35:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12161
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 35F8
0
0
Document
General
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.42 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
age
1773
content-encoding
gzip
content-length
420
content-type
text/html
date
Wed, 04 Sep 2024 01:58:20 GMT
etag
"d80b9831e6e7896aa97e84d70f49e545"
geo-sub
QC
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
venatus-cdn-hb-rule-version
1.1
via
1.1 varnish, 1.1 varnish
x-amz-id-2
1YSVmS+x+Xy5jKob4isHmzoXwl691rhphmizyURg2gfABVmtFwYmE7FTAtUc3S9LVzPOdjImqdMv0b55DI8riA==
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-cache-hits
27, 4
x-geo
CA
x-ip
166.0.205.70
x-served-by
cache-dub4360-DUB, cache-yul1970032-YUL
x-timer
S1725415100.270817,VS0,VE0
px.gif
ad-delivery.net/
43 B
917 B
Fetch
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1122263
x-guploader-uploadid
ABPtcPp7Sk57D407vDkGzhczXGOjyw-NaIBl1cYdmczXXpoK0n-qUOdQccng0qUDPwS42XXcNIc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyjtKuurooPHBiyjsOhDDxC43tGHwH3qKCRsDVXeVWYq5dTG8w%2FnhBbjmwbaaXmuvguxM0Pw%2Bv6GJsEANBqoyxjz%2FGpnkpg84JMxX%2FQbZePTYIiZq4dKiOGqGB5MRvo0xQKF%2FiicFeLyjrppgA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8bda5fb82f30a228-YYZ
expires
Thu, 05 Sep 2024 01:58:20 GMT
script.js
cadmus.script.ac/d1oykxszdrgjgl/
141 KB
49 KB
Script
General
Full URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
251a5bd5791f55093af089db9a502cec41d52e96327db46ab3f37c5ea4da6088

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
content-encoding
gzip
last-modified
Tue, 03 Sep 2024 17:42:34 GMT
server
cloudflare
age
0
etag
W/"a044fef5955d27e81b84cfe7785129748aca491d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8bda5fb9a995a246-YYZ
apstag.js
c.amazon-adsystem.com/aax2/
324 KB
80 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.63.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-63-125.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:25:09 GMT
content-encoding
gzip
via
1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront), 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 22:46:36 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-P1
age
1992
etag
W/"907cbdd883935369790d45cc9bd9e8b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
kDx39xr2bZfYwE4O55IcrARH0dFCo46fVx6EIXu4oUAaN8tySkQY6Q==
px.js
p.cpx.to/p/13058/
5 KB
5 KB
Script
General
Full URL
https://p.cpx.to/p/13058/px.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-52-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bc3348e9126296879fb111eff421e7808072c6ae2c02da2aae1ec6ebeaf1849d

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
cache-control
public, max-age=2419200
content-length
4879
content-type
application/javascript; charset=UTF-8
quant.js
secure.quantserve.com/
23 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 11 Sep 2024 01:58:20 GMT
pub.js
pub.doubleverify.com/dvtag/34896827/DV1430477/
67 KB
21 KB
Script
General
Full URL
https://pub.doubleverify.com/dvtag/34896827/DV1430477/pub.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9ce1e59fa839cbc702849022d291f296df21ef1c2a5ae7ca2904c7857d4999d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors 'self'
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
public, max-age=900, stale-while-revalidate=3600
access-control-allow-credentials
true
timing-allow-origin
*
cf-ray
8bda5fb9b9bbab8d-YYZ
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/
103 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b01c056279ffb81b719d26ba103dd44db712d8b6d64013e40505d1237cfa7867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32653
x-xss-protection
0
server
cafe
etag
46 / 19970 / m202408290101 / config-hash: 921684379031322223
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 04 Sep 2024 01:58:20 GMT
1a
i.clean.gg/
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 04 Sep 2024 01:58:20 GMT
server
nginx/1.21.6
via
1.1 google
pub.json
pub.doubleverify.com/dvtag/signals/bsc/
10 B
280 B
Fetch
General
Full URL
https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=34896827&cmp=DV1430477&url=https%3A%2F%2Ffile.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&abs=1&token=2wkVG7zcd75Wp8s2nSA7LljkM2t7BsPaneI3cNFK0ZMewCi3DTYnPcIVgE5WmKtBOhjmBx3UuVeC7nZjCA8b%2BbEL4%2Bz9wQJtkMDHy6%2FC33d3rlYazQx1QKqqRb3dP%2Bg%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3ef363d405f0513eb1d33c9c13e8e92cbd595d0f9ead6ed1083df09ed30de7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
server
cloudflare
vary
origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://www.file.io
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
public, max-age=2000
access-control-allow-credentials
true
timing-allow-origin
*
cf-ray
8bda5fbaff11b40a-YYZ
content-length
10
alt-svc
h3=":443"; ma=86400
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:20:33 GMT
content-encoding
gzip
via
1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2267
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
l_eZyBZwZyoWtx4IEQC4tZ5LQZm06K2fwX3OQ6ia1qLMdayv5Cv1gg==
track_enc
track.venatusmedia.com/dual/
16 B
162 B
XHR
General
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.192.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-192-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:21 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
70247b00-ff8f-4016-b3ab-8344daf96e09
config.aps.amazon-adsystem.com/configs/
563 B
828 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-70.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e411b8e6d885dadf7c6783703e33b74e4095c962d7edbf40b80ffc50368c5785

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:29:48 GMT
via
1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
1712
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
MaSfS5Z7v3wKVITMnGqFpx75peIaujpuaggLg2azcP2n5Y_319AP-A==
config
c.amazon-adsystem.com/cdn/prod/
2 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.file.io&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.63.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-63-125.iad89.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 23:08:36 GMT
via
1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-P1
age
10184
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
uzg4o8HbqHVb4NE5XAo3K1Jd8naZKKatVsC6KUzAvaZxT1uCgMxPzg==
bid
aax.amazon-adsystem.com/e/dtb/
191 B
525 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&pid=QNZDf3zJXgK4C&cb=0&ws=1600x1200&v=24.827.1552&t=3500&slots=%5B%7B%22sd%22%3A%22637370d898fb531abee85aab-1100%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_637370d898fb531abee85aab%22%7D%2C%7B%22sd%22%3A%22637370bb889c301e8e7ad53d-1101%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_637370bb889c301e8e7ad53d%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&sm=bfa45aad-4dcc-49ba-ae06-d6601216756c&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A5100%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.30.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-30-15.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
875fd006ba054d139a04ccd9be86e7fe4f92e954d4fbd1a22f44aff124c9ef15

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
via
1.1 f391dfb0806f29cccc5f1df3e1ae836e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
177
x-amz-cf-id
x5rTMVcn-Mz3jcatBhUliyqq4a20shll7pOceEqwjemd_qiHB_YRRg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.63.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-63-125.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 00:47:59 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 199b065e4c1253c9590e1b5e57083906.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
age
4222
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Origin,accept-encoding
x-amz-cf-id
rMZI6tNzw-Q9G6I72dpXxqiiEER6WMSgwyrqt7IYP8Kr4QNNuPoJkw==
edgekit.min.js
cdn.edkt.io/rNn9xk/
21 KB
7 KB
Script
General
Full URL
https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4803a33a08071933f4df3553a3be7fddc1caf0240c715f2ff4e0a27d466401d

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 03:43:40 GMT
content-encoding
gzip
age
80080
x-guploader-uploadid
AD-8ljtWc5lhY3awsX8Bsga2a9WsqGB25ghfxkkTzQXFCyYXoqIQEAgGuPWWqWmvKDp6xwHVUHb8WViW1w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6718
last-modified
Mon, 02 Sep 2024 16:08:09 GMT
server
UploadServer
etag
"3c27b87bef4bdf4073c67630046727eb"
x-goog-generation
1725293289253672
x-goog-hash
crc32c=dK/mzg==, md5=PCe4e+9L30BzxnYwBGcn6w==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6718
accept-ranges
bytes
expires
Wed, 04 Sep 2024 03:43:40 GMT
localstore.js
script.4dex.io/
1 KB
1 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:20 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 28 Aug 2024 15:06:32 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
557402
ETag
W/"00a8e13a83b2bbab51af8e55f52be363"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2GUqYYmNz4YnXsdlgPFyaNxBu5%2B6dJJi%2FzEek6UmNDazLGclPsciCjUZ9sAIxqtxz%2Fo6ULtPazd9kTyi0HATmrg1OWp%2BFXUne3F%2FFBz9Mu4cVsjKkH1RAsAt%2F0NZA3voMp4BWqLVZ%2FZzoWSp"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8bda5fbc8b9eab2a-YYZ
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/
479 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
446
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152988
x-xss-protection
0
server
cafe
etag
7232803424342751065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 04 Sep 2025 01:50:54 GMT
v1
btlr.sharethrough.com/universal/
661 B
764 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.83.106.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-106-164.compute-1.amazonaws.com
Software
/
Resource Hash
701007245642ada21053a40a2e7131c91c07b041115ea6aef9f0625c4fc9b151
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
407
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/
720 B
764 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.83.106.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-106-164.compute-1.amazonaws.com
Software
/
Resource Hash
8a752caabdce61c93fd0cc514ee9d948299282d56f5f99810015c6066c5e3bad
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
406
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/
793 B
831 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.83.106.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-106-164.compute-1.amazonaws.com
Software
/
Resource Hash
b2c9ac1f1ff16d83baeca8beebd02d4b5107446cf6723b2903ddd14dfd393ad1
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
474
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/
692 B
759 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.83.106.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-83-106-164.compute-1.amazonaws.com
Software
/
Resource Hash
4a8b13e6362d8d67f40ed2efb7930b80728227450b066df8841abd62319a06df
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
402
content-type
application/json; charset=utf-8
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.38.0&referrer=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.91.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-91-202.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
accept-ch
sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/
0
110 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/
180 B
697 B
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&PageUrl=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&PageReferrer=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.171.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-171-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
80f0de18c39f3ef62517ef51570b4fc25733ffa0b6a5039b3b889a96ba39563d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
101
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
v1
prg.smartadserver.com/prebid/
24 KB
9 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
f13889c4a07885cc26b0ccbf8e48fdc9cb36c5875bcd24bff2693c744e735948

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
23 KB
8 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
973e47e3e377f2987b43b9c16ff6c81490cbd21f21e84abd82a37b463fb9cbe0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
1 KB
1 KB
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
125.253.89.184 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
envoy /
Resource Hash
6c98246d6bda80ba635b8619edd1df663882fcc3658249484e95f5211b4e84e3

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
content-length
538
auction
elb.the-ozone-project.com/openrtb2/
288 B
1 KB
Fetch
General
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d149c008bcc384ae910e9310813b95e57246629b3d1314a64230a3723fd004d

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8bda5fbd798fac4b-YYZ
expires
0
prebid
ib.adnxs.com/ut/v3/
253 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
98972c906daa578fa3236e39689f4fb09a725e2e5b0a6a48e619a69df4637da6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:21 GMT
an-x-request-uuid
e12bbaa0-e397-41c9-a1d3-b6d9143695d8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.70; 166.0.205.70; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
253
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.174.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-174-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 04 Sep 2024 02:13:21 GMT
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&ref=&_it=amazon&partner_id=288
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNTEWM5RE8S976C
age
142
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
cf-ray
8bda5fbcfb9c3a03-YYZ
x-amz-id-2
1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
expires
Mon, 09 Sep 2024 01:58:20 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
95 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1274185bc7a88a74588ef82af3d472ccdc2574282522325f687f37f58dd788
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2024 13:30:01 GMT
server
cloudflare
x-amz-request-id
VFZTDPW5Z9323XC1
age
692
etag
W/"ac65bcbdbadc9ff581ea087feb796f28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8bda5fbd1e0439e9-YYZ
x-amz-id-2
hq8fndJVNv6F5xYDyjrGTp3d8ykRcjIRHckLNXE/XQ9DmnB5XIgaz2U3v93AIf72DBlOGoTHES+4clUgjiGx1ZliI7rlwk9q
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.174.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-174-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Wed, 04 Sep 2024 02:13:21 GMT
pixel;r=361218741;labels=All.Title.Download%2CAll.Type.website%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and%...
pixel.quantserve.com/
35 B
703 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=361218741;labels=All.Title.Download%2CAll.Type.website%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and%20share%20the%20links%20via%20email%20%20SMS%20%20Slack%20%20Discord%20%20etc%20%20Easy-to-use%20REST%20API%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and%20share%20the%20links%20via%20email%20%20SMS%20%20Slack%20%20Discord%20%20etc%20%20Easy-to-use%20REST%20API%2CAll.Url.https%3A%2F%2Ffile%20io%2FbdjrHZf7rqWN;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN;uht=2;fpan=1;fpa=P0-823980441-1725415100531;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=file.io;dst=1;et=1725415100865;tzo=420;ogl=url.https%3A%2F%2Ffile%252Eio%2FbdjrHZf7rqWN%2Ctitle.Download%2Cdescription.Sharing%20files%20with%20file%252Eio%20is%20convenient%252C%20anonymous%20and%20secure%252E%20Just%20upload%20file%2Cimage.https%3A%2F%2Fwww%252Efile%252Eio%2Fimages%2Fog-img%252Epng%2Ctype.website;ses=b792adea-2571-466f-af7d-754da84d713c;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:20 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["smf8mB/7jMgAKtSI4NHIBQ=="],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["+FW0/y91gq4cqWDetTbUBg=="],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["1lEH6vxZZiOBcEz6rv+Tcg=="],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["WTCMm8mDn9eg0Syqh1PBog=="],"pcode":["p-Hwnr8j7tWA3Nu"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
21726375739
fundingchoicesmessages.google.com/i/
206 KB
68 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/21726375739?ers=3
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69534709412d1f69a19748ec3b15e594798ece4dc3fca9b6c1160ef6ece63f92
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PB1o30QbQZGtrRDufqZBAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-PB1o30QbQZGtrRDufqZBAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYFYtecSqykQ3193ifU5EO_9eIn1KBALcXPs_XtvG5vAjcWHypU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDCwNjPQMTOMLDADg2EH1"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
192 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
8bda5fbd7c96a246-YYZ
content-length
3
adagio.js
script.4dex.io/a/latest/
61 KB
19 KB
Fetch
General
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:21 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
557163
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 28 Aug 2024 15:06:29 GMT
Server
cloudflare
ETag
W/"3bd20e5fbdd6d804d194856ed36c4ccb"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYpvCcl5%2Fhx2jpP71EUdF9twxd1YQtswt18Kl%2Fa951s91jaYlnT2K5XJdB4n3tQZCIrl8JjOojAxEDQ%2FBIdVZeUAJpafkrGOVrH6D0fEi%2BBNsKTG25JwMQxA%2BSICfIBxWS86k4Z7%2Bi3JQ6Gp"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8bda5fbe4909aac6-YYZ
getuidj
ib.adnxs.com/
11 B
696 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:21 GMT
an-x-request-uuid
4c57f36d-1cc5-4ec5-a3d7-f5fe486f8532
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.70; 166.0.205.70; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/
109 B
562 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
cd5d8c9b2c3bfcec4adc8dce616cc638b4954ce17132bd739c99c37a925066b0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 04 Oct 2024 01:58:21 GMT
hadron.json
id.hadron.ad.gt/v1/
117 B
275 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.file.io&url=https://www.file.io/z8Va/download/bdjrHZf7rqWN
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
336ccd7b9f1093eda6546c5df5eb4f30c853d3e7638ecefd5a764531a6105e42

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization,content-type
cf-ray
8bda5fbf5c45aabf-YYZ
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.file.io&url=https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8bda5fbeab7eaabf-YYZ
content-length
0
content-type
application/json
date
Wed, 04 Sep 2024 01:58:21 GMT
debug
OPTIONS block
expires
Thu, 04 Sep 2025 01:58:21 GMT
server
cloudflare
iu3
s.amazon-adsystem.com/ Frame 42CD
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-Ogury_rx_snb_smrt_n-adYouLike_n-sharethrough_pm-db5_rbd_n-Rise_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-Ogury_rx_snb_smrt_n-adYouLike_n-sharethrough_pm-db5_rbd_n-Rise_3lift_n-Outbrain&dcc=t
0
0
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-Ogury_rx_snb_smrt_n-adYouLike_n-sharethrough_pm-db5_rbd_n-Rise_3lift_n-Outbrain&dcc=t
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
361
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 04 Sep 2024 01:58:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D46KSNW4MFWZ1MAXVFWE

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Sep 2024 01:58:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-Ogury_rx_snb_smrt_n-adYouLike_n-sharethrough_pm-db5_rbd_n-Rise_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
M0JWEGFHR7VT2T15BQMA
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.174.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-174-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Wed, 04 Sep 2024 02:13:21 GMT
288
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf1907c7d26c6610ef9d65bdf860905719a9f3345cd19576fe5d4cdff07ee33

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 01:50:48 GMT
server
cloudflare
age
192
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8bda5fc0d904aae8-YYZ
AGSKWxXyb86w9r7BwxgxIjTGedausyJ0ocUwDFKZjXIhFFvzy_yzCHhjloKQzXl3l-L1igRnSIHkeOA-I39m0xZZKCvlGF417XTWD1haIYV3N7DaCdJ5SSjMRjWMwxOPu2igYX0K-A6Wwg==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXyb86w9r7BwxgxIjTGedausyJ0ocUwDFKZjXIhFFvzy_yzCHhjloKQzXl3l-L1igRnSIHkeOA-I39m0xZZKCvlGF417XTWD1haIYV3N7DaCdJ5SSjMRjWMwxOPu2igYX0K-A6Wwg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1NDE1MTAxLDUzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZmlsZS5pby96OFZhL2Rvd25sb2FkL2JkanJIWmY3cnFXTiIsbnVsbCxbWzgsImZwRkJTaEp6QkZJIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f39a86d7b95d2cacee1678eaa396b627745bd3f0cdf4a477e6f1ed8e80b7c5ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HFMcdGDtzk96i3wVQcnTfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-HFMcdGDtzk96i3wVQcnTfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYFYtecSqykQ3193ifU5EO_9eIn1KBAL8XDs_XtvG5vAhyMtk5iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDYz0DEzjCwwAFYBCCA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 01FB
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29367
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 01:56:15 GMT
expires
Wed, 04 Sep 2024 02:46:15 GMT
last-modified
Mon, 26 Aug 2024 19:48:13 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 04:14:45 GMT
content-encoding
gzip
age
1287816
x-guploader-uploadid
AHxI1nPCiF0l9ab22-46TCb-bofIoxfN8Jj8fvzCPKPVWwoOxM6ZnQH9SGwh9bqFirZ3qEipWoLCsV0eOQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 20 Aug 2025 04:14:45 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:44:14 GMT
content-encoding
gzip
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 18:47:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
69249
x-amz-server-side-encryption
AES256
etag
W/"7db46e1255a018ecf02f47b2c19c26c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
tUR3ZBqStog8XYhHKtL8rZ7c7ULPpB1TrCNlBaskWw0aPdBCVQbapA==
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 Jul 2024 14:14:53 GMT
server
nginx
etag
W/"668fe8dd-a6cc"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 01:58:21 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
via
1.1 google
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
etag
cd19e0900da0cdbc6697310fd9330fb6
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
35f5e60ba36acb76fc67cee67d5f56e3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
ob.js
cdn-ima.33across.com/
17 KB
7 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Aug 2024 20:25:40 GMT
server
cloudflare
age
18905
etag
W/"66ce3644-43df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8bda5fc29d6a39ff-YYZ
expires
Sat, 07 Sep 2024 01:58:21 GMT
fire.js
s.cpx.to/
47 B
231 B
Fetch
General
Full URL
https://s.cpx.to/fire.js?pid=13058&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&hn_ver=78&fid=10b0758b-fd9f-4910-9618-50c5fd90b4cd&dsp=pub_common&dsp_uid=a6e95981-e7b0-4b51-8697-d6a250e6a6ec&dsp=TTD&dsp_uid=77c79248-d765-4dff-b399-d5cbd1628181
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-52-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
df78014a4fdc3adc02f4c42ee37db3f1b781225b48ec40631ad0bf2f00b9ae3d

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:22 GMT
access-control-allow-credentials
true
p3p
CP="NOI DEV ADM"
content-length
47
vary
Origin
expires
Wed, 04 Sep 2024 01:58:22 GMT
bounce
id5-sync.com/
29 B
448 B
Fetch
General
Full URL
https://id5-sync.com/bounce
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.file.io
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
45 B
283 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
3e4c8b87b68aee9b10fd98571c1bedebbdf71dc0a65b16be216637c1acfa9375
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
460 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:16::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Wed, 04 Sep 2024 02:28:22 GMT
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202408290101&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42a58cc226aa8778d96bbc7162faa7b99a06b0002242cb4a043940f9a6610470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12980
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
2 KB
487 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=133855055700708&correlator=4225140294519638&eid=31079956%2C31083339%2C31086287&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&gpp_sid=-1&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370d898fb531abee85aab%2CVM_637370bb889c301e8e7ad53d&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=970x250%7C970x90%7C728x90%7C300x250%7C336x280%2C970x250%7C728x90%7C970x90%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1725415101687&lmt=1700584689&adxs=315%2C315&adys=1413%2C213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0&ucis=1%7C2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&vis=1&psz=970x-1%7C970x-1&msz=970x-1%7C970x-1&fws=0%2C0&ohw=0%2C0&td=1&egid=41883&tan=60ba7ec0-5abb-4137-b788-37617eda6a21%2C60ba7ec0-5abb-4137-b788-37617eda6a22&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDc4YzFlMjUyLWQ0NjgtNDJiYy1iMDQ5LWU0NzA4MDMxYTA3NVgB&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725415098019&idt=2879&ppid=78c1e252d46842bcb049e4708031a075&prev_scp=hb_pb%3D0.08%26hb_adid%3D637370d898fb531abee85aab-1100%26hb_iv%3D0%26sv%3D1%26re_ve%3D26b66001-v8.38.0%26pg_ld_id%3D2d4fc4a3-967a-417b-b5af-faade7444fdb%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370d898fb531abee85aab%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dlinux%26is_ta%3Dtrue%26is_vi%3Dfalse%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2024-08-01%252011%253A49%253A44%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D4bfa7fd4-dca6-4c36-9e3b-f366a98ec08d%26tpcs%3Dunknown%26cdl%3D%26do%3Dfile.io%26bf_br%3D29588677%26af_im%3D38703940%7Chb_pb%3D0.08%26hb_adid%3D637370bb889c301e8e7ad53d-1101%26hb_iv%3D1%26sv%3D1%26re_ve%3D26b66001-v8.38.0%26pg_ld_id%3D2d4fc4a3-967a-417b-b5af-faade7444fdb%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370bb889c301e8e7ad53d%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dlinux%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2024-08-01%252011%253A49%253A44%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D4bfa7fd4-dca6-4c36-9e3b-f366a98ec08d%26tpcs%3Dunknown%26cdl%3D%26do%3Dfile.io%26bf_br%3D29588677%26af_im%3D38703940&cust_params=testgroup%3D79&adks=3724057250%2C1393215030&frm=20&eoidce=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0985bfbecbf2335ca5ce59ab853838676c42c3163268dea12cfe583560170bf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
455
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
20806bddc7e79fec8ae1f3f389cda6c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 303E
0
0
Document
General
Full URL
https://20806bddc7e79fec8ae1f3f389cda6c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 01:58:22 GMT
expires
Wed, 04 Sep 2024 01:58:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
288
p.ad.gt/api/v1/p/
40 KB
14 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/288
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8de31ca3b5ee96d5d48164452b055807187a319ea53ae568b75063c6348ecfe5

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 01:54:39 GMT
server
cloudflare
age
179
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8bda5fc3f98e36fb-YYZ
halo_match
ids.ad.gt/api/v1/
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&halo_id=060ixe6ju6a65kihgfc676faj6hbef6ekceuom0wi0e0yyusqoi020oew0sgmo0my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif
ip_match
ids.ad.gt/api/v1/
0
191 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001725415102-I0C8NFXP-V137
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
server
nginx/1.24.0
content-length
0
content-type
text/html; charset=utf-8
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001725415102-I0C8NFXP-V137&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001725415102-I0C8NFXP-V137&adnxs_id=3886628682223636672&gdpr=0
43 B
144 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001725415102-I0C8NFXP-V137&adnxs_id=3886628682223636672&gdpr=0
Protocol
H2
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:21 GMT
an-x-request-uuid
53968976-023d-41ef-8f0b-3357d44c8b71
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001725415102-I0C8NFXP-V137&adnxs_id=3886628682223636672&gdpr=0
x-proxy-origin
166.0.205.70; 166.0.205.70; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001725415102-I0C8NFXP-V137&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=77c79248-d765-4dff-b399-d5cbd1628181&id=AU1D-0100-001725415102-I0C8NFXP-V137
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=77c79248-d765-4dff-b399-d5cbd1628181&id=AU1D-0100-001725415102-I0C8NFXP-V137
Protocol
H2
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=77c79248-d765-4dff-b399-d5cbd1628181&id=AU1D-0100-001725415102-I0C8NFXP-V137
date
Wed, 04 Sep 2024 01:58:21 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001725415102-I0C8NFXP-V137
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001725415102-I0C8NFXP-V137
  • https://ids.ad.gt/api/v1/pbm_match?pbm=7A25AC93-1E74-489E-BD48-53BB2C0A1325&id=AU1D-0100-001725415102-I0C8NFXP-V137
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=7A25AC93-1E74-489E-BD48-53BB2C0A1325&id=AU1D-0100-001725415102-I0C8NFXP-V137
Protocol
H2
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=7A25AC93-1E74-489E-BD48-53BB2C0A1325&id=AU1D-0100-001725415102-I0C8NFXP-V137
date
Wed, 04 Sep 2024 01:58:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/
0
1 KB
Image
General
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001725415102-I0C8NFXP-V137&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
7654d1c22c7536dacc29d4de0f448a70
Expires
0
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001725415102-I0C8NFXP-V137&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001725415102...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001725415102-I0C8NFXP-V137&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001725...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c4fd3250-5065-4ae6-949f-ad6b7e8ca640%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=77c79248-d765-4dff-b399-d5cbd1628181&ttd_puid=c4fd3250-5065-4ae6-949f-ad6b7e8ca640%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&tapad_id=c4fd3250-5065-4ae6-949f-ad6b7e8ca640
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&tapad_id=c4fd3250-5065-4ae6-949f-ad6b7e8ca640
Protocol
H2
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 04 Sep 2024 01:58:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&tapad_id=c4fd3250-5065-4ae6-949f-ad6b7e8ca640
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001725415102-I0C8NFXP-V137
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&google_gid=CAESECKDX06NinPkZAYhSIPh-cc&google_cver=1&google_ula=450542624,0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&google_gid=CAESECKDX06NinPkZAYhSIPh-cc&google_cver=1&google_ula=450542624,0
Protocol
H2
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&google_gid=CAESECKDX06NinPkZAYhSIPh-cc&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001725415102-I0C8NFXP-V137
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNTQxNTEwMi1JMEM4TkZYUC1WMTM3
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNTQxNTEwMi1JMEM4TkZYUC1WMTM3
Protocol
H2
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNTQxNTEwMi1JMEM4TkZYUC1WMTM3
date
Wed, 04 Sep 2024 01:58:22 GMT
server
nginx/1.24.0
content-length
453
content-type
text/html; charset=utf-8
smart_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001725415102-I0C8NFXP-V137%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&sas_uid=8452238319077029474
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&sas_uid=8452238319077029474
Protocol
H2
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001725415102-I0C8NFXP-V137&sas_uid=8452238319077029474
date
Wed, 04 Sep 2024 01:58:22 GMT
content-length
0
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001725415102-I0C8NFXP-V137
  • https://ids.ad.gt/api/v1/ppnt_match?uid=3B6Ob4F8FxAa&ev=1&pid=562316&id=AU1D-0100-001725415102-I0C8NFXP-V137
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=3B6Ob4F8FxAa&ev=1&pid=562316&id=AU1D-0100-001725415102-I0C8NFXP-V137
Protocol
H2
Server
54.149.167.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-167-136.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ids.ad.gt/api/v1/ppnt_match?uid=3B6Ob4F8FxAa&ev=1&pid=562316&id=AU1D-0100-001725415102-I0C8NFXP-V137
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-79d8975dc-674t5
expires
-1
0
sync.1rx.io/usersync/audigent/
0
99 B
Image
General
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001725415102-I0C8NFXP-V137%26unruly_id%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:13 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
bid
aax.amazon-adsystem.com/e/dtb/
198 B
532 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&pid=QNZDf3zJXgK4C&cb=1&ws=1600x1200&v=24.827.1552&t=3500&slots=%5B%7B%22sd%22%3A%226373734998fb531abee85aca-1002%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_6373734998fb531abee85aca%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&sm=bfa45aad-4dcc-49ba-ae06-d6601216756c&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060ixe6ju6a65kihgfc676faj6hbef6ekceuom0wi0e0yyusqoi020oew0sgmo0my%22%2C%22pubcommon%22%3A%22a6e95981-e7b0-4b51-8697-d6a250e6a6ec%22%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.30.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-30-15.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
eb6811b7561d4143a9864a14d21706eef52be82e0131c52e636ad1bb8333cd58

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
via
1.1 f391dfb0806f29cccc5f1df3e1ae836e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
184
x-amz-cf-id
y0wSNzpIgqQqAutJnyM206Hb0pWkaplw5D8mZdFj3Q5PVQ32Zlm2Vw==
spt
tg1.aniview.com/api/adserver/
31 KB
9 KB
Script
General
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=2d4fc4a3-967a-417b-b5af-faade7444fdb&AV_PLACEMENTID=6373750d98fb531abee85ae5
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:e800:c8e::2c79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
44323d73c0d3f099f1bddb8dc574b64105fcb41f3cfd281ce2f256f7f77a033f

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-bamboo-c-skst
1
Content-Encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
Date
Wed, 04 Sep 2024 01:58:22 GMT
Critical-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Connection
keep-alive
Content-Length
8258
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding, Origin
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Expires
Wed, 04 Sep 2024 02:03:22 GMT
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.38.0&referrer=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&tmax=3500&gdpr=false
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.91.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-91-202.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/
23 KB
7 KB
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
c23e9b9353fe1775aed478f15b5ab0a78eece753216e43dc280cc6bbd271e735

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/
0
54 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
elb.the-ozone-project.com/openrtb2/
298 B
717 B
Fetch
General
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828e1cdf922fffd511342710954b0d410d8cf47be5c20075e8cd428c158e5cf2

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8bda5fc3cf8cac4b-YYZ
expires
0
c
prebid.a-mo.net/a/
1 KB
712 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
125.253.89.184 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
envoy /
Resource Hash
f8d8f438390805aeaed8e0a2c45426fdf6967878ede5e1f54941af47985bfcec

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:21 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
content-length
538
prebid
ib.adnxs.com/ut/v3/
143 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
487d26c7404c0176f716a156618ce0eed6adb36ab8c1aa5e7e10da94696fcb8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:22 GMT
an-x-request-uuid
ee294d96-bb26-440f-9fe4-4b81ffe00ee9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.70; 166.0.205.70; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
ep2.adtrafficquality.google/sodar/
17 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Sep 2024 01:58:22 GMT
map
bcp.crwdcntrl.net/6/
156 B
611 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.143.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-143-54.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f1600b2dedeb8ee46bd374971d925b70d2619f5b582cea2dade96ab765e4cf59

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.file.io
cache-control
no-cache
x-server
10.40.63.48
access-control-allow-credentials
true
content-length
156
expires
0
usync.html
eus.rubiconproject.com/ Frame 51EF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Wed, 04 Sep 2024 01:58:23 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 04 Sep 2024 01:58:22 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.7.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame A329
41 KB
14 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.7.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cd Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
15423633a798d9076f73d7ea9a9fa674cf34b22eba5413a46975d21fd4a1b005

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2024 13:26:35 GMT
Server
AkamaiNetStorage
ETag
"d0e5f78b8aebd906643dbbfa1eec3d4b:1718289570.165862"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13700
sas-banner-1.7.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 9BC8
41 KB
0
Script
General
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.7.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cd Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
15423633a798d9076f73d7ea9a9fa674cf34b22eba5413a46975d21fd4a1b005

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2024 13:26:35 GMT
Server
AkamaiNetStorage
ETag
"d0e5f78b8aebd906643dbbfa1eec3d4b:1718289570.165862"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13700
track_enc
track.venatusmedia.com/dual/
16 B
161 B
XHR
General
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.192.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-192-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:22 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
655 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 04 Sep 2024 02:53:51 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1360
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 04 Sep 2024 02:35:42 GMT
js
www.googletagmanager.com/gtag/
256 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff94bc0f5742e3f43cc2c02e68b7ea19dd11efa1831099805beb16850cc04979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92263
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 01:58:22 GMT
collect
a.ad.gt/api/v1/
0
113 B
XHR
General
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:22 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8bda5fc5cd56aae8-YYZ
vary
Origin
getpixels
pixels.ad.gt/api/v1/
0
88 B
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=a01175b5e4e39f0292d6039c8f3d339d&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&code=%27none%27
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8bda5fc8fa3836fc-YYZ
match
seg.ad.gt/api/v2/
2 KB
537 B
XHR
General
Full URL
https://seg.ad.gt/api/v2/match
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8df4522c9f8214c337eea5851b04d3358cc2a063b249ada4d38657d75b724f4

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 04 Sep 2024 01:58:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers, accept-encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
8bda5fc9f8fba247-YYZ
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.174.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-174-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Wed, 04 Sep 2024 02:13:22 GMT
v3
id5-sync.com/gm/
700 B
1 KB
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
cd940eeec14d380c284489a9fc93ab165a869049715053a69513268a8ebc901c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.file.io
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
page-data.json
www.file.io/page-data/plans/
0
665 B
Other
General
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Origin
https://www.file.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 15:05:16 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
68CBT34CSXMJBZ8K
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
39187
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
e5OOW/NJYRDNSfMBqkvEgENiqA1N9FCKFM39PQUhfKYiYwq8yN1a+LyBafWFVsIuaurQvNsr/mOr9yUnCqN7iw==
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
6VLm2HYTiT8gXUHZuPYF7TjqN2D3BMBCPeWHlOKE1gc2-EXI7xbWzQ==
page-data.json
www.file.io/page-data/developers/
0
678 B
Other
General
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Origin
https://www.file.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:54:56 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
NAFX5S9N06Y4WDFV
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
39807
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
eSNoEnjxOQXBm+OCfyBz6LjuqVJr8CEZJTeI4wo/H/t2gX4iMRf0MsZgQMlL9/1UqpKZ4Z7T+F0=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
7PSEmozhdgGe7DwYs7zpDVt5VclAvW9H7j0cX3UwP8AiS8VBR4kDKw==
page-data.json
www.file.io/page-data/about/
0
642 B
Other
General
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Origin
https://www.file.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:18:56 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
RGQGRXMMZE45Q3RQ
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
70767
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
fjOIrkHM58FyDjL+qORw0lCXxD83A/5kXhm/EAiczPDi92tLsxlm4WOdYeXmjm/xBA5Uon9Oimo=
last-modified
Tue, 21 Nov 2023 16:38:11 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
ZyQAY7QTixE5PWFRDa81ppfeX1dRphvH9loa8W3MdHxdl76VutmH8g==
page-data.json
www.file.io/page-data/signup/
0
651 B
Other
General
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Origin
https://www.file.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:54:41 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
NAFPAWDKT8FS0A42
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
39822
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
Q43qi7+GXMPHumi72G/Yxe62PSrv7Fp2krdXtbKa67Pr2N6pwdF9aoNHDIzr2wk4+VzuQ/WNlSs=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
MyqBIxizvRmScBsh5M6ARn5tDJX7-EwnYBNWyrE6Pznk8paq0B6F8w==
match
seg.ad.gt/api/v2/ Frame
0
0
Preflight
General
Full URL
https://seg.ad.gt/api/v2/match
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
allow
POST
cf-cache-status
DYNAMIC
cf-ray
8bda5fc8d824a247-YYZ
date
Wed, 04 Sep 2024 01:58:22 GMT
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
_
fundingchoicesmessages.google.com/f/AGSKWxWrFokJvx6_NJZ2kbQvtW-2qIM96a1P0VnMOtSmYOHi2r9YZYGFizT7WOfbvGh3uXGOoNl6SjsHqtT-qtTskwMUg_9x6NuEyPX5y1Zt1ViO_TpJJqvE0vtP711y83d5SOjHWHFZh5kwOPD4xpkIN_f9UiwBA...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWrFokJvx6_NJZ2kbQvtW-2qIM96a1P0VnMOtSmYOHi2r9YZYGFizT7WOfbvGh3uXGOoNl6SjsHqtT-qtTskwMUg_9x6NuEyPX5y1Zt1ViO_TpJJqvE0vtP711y83d5SOjHWHFZh5kwOPD4xpkIN_f9UiwBARFV6xx4738wM3R38r4CNAl_jdrj1Rae/_?ad_partner=/mobilead_/pullads..mx/ads//xadvertisement.
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20553e7f44dc109faf7ac0040eacf17714daf514343d8c16c482d5171c58fba2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1thaCVpJH-MEF0c2eBlvxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-1thaCVpJH-MEF0c2eBlvxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYFYtecSqykQ3193ifU5EO_9eIn1KBAL8XDs-3tvG5tAx_ZLZ5iUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDYz0DEzjCwwAFE1CFg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/
240 KB
75 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa27cc0acc7972917ced13c363d3e150fb5567a3e9ca019b2808655418029d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
2181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76928
x-xss-protection
0
server
cafe
etag
1539616720350579362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 04 Sep 2024 02:22:01 GMT
AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UtKuY3_zksWmzoORFc8YzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-UtKuY3_zksWmzoORFc8YzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDj2_b23jU1gw9X2hcxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBIz8A8vsAAAHkFLnk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://id5-sync.com/i/258/8.gif?o=api&id5id=ID5*vhd50q9VkZyePvc95TO7nX1ZHH8xfxRVOfvL4kATCgHBZdrTpc4cevpFNTD4W24j&gdpr_consent=undefined&gdpr=false
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F112%2F7%2F2.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/258/112/7/2.gif?puid=861FAF6A7DB563C0&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/258/441/6/3.gif?puid=u_b8108f60-3c8e-42dd-84d9-a9313156dad1&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/258/429/5/4.gif?puid=7A25AC93-1E74-489E-BD48-53BB2C0A1325&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/258/2/4/5.gif?puid=3886628682223636672&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/258/434/3/6.gif?puid=f794a070-cdec-495b-b74c-6c653d5a4298&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=77c79248-d765-4dff-b399-d5cbd1628181&ttl=%%TTL%%
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/258/108/1/8.gif?puid=c4fd3250-5065-4ae6-949f-ad6b7e8ca640&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=ODYxRkFGNkE3REI1NjNDMA%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-1c1cICHZLRFKv4xqR_Ms8i1Uzr4LXOS2j4NTz2dCsA
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOD0cB0-COdDcj4FlQRgDpE&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-1c1cICHZLRFKv4xqR_Ms8i1Uzr4LXOS2j4NTz2dCsA&...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
70 B
460 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:27 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 04 Sep 2024 01:58:27 GMT
Frontend-ID
8
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M0N7LPTA-13-KP8J&customParamenters=
0
199 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M0N7LPTA-13-KP8J&customParamenters=
Protocol
H2
Server
34.255.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-52-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
date
Wed, 04 Sep 2024 01:58:23 GMT
expires
Wed, 04 Sep 2024 01:58:23 GMT

Redirect headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=M0N7LPTA-13-KP8J&customParamenters=
content-length
0
X-RPHost
7654d1c22c7536dacc29d4de0f448a70
Expires
0
sync
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESEC1oiBe0BaEGjftJq4Ml2ZM&dsp=dbm&google_cver=1
0
205 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=CAESEC1oiBe0BaEGjftJq4Ml2ZM&dsp=dbm&google_cver=1
Protocol
H2
Server
34.255.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-52-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
date
Wed, 04 Sep 2024 01:58:22 GMT
expires
Wed, 04 Sep 2024 01:58:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/sync?dsp_uid=CAESEC1oiBe0BaEGjftJq4Ml2ZM&dsp=dbm&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fire.js
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fwww.file.io%252Fz8Va%252Fdownload%252FbdjrHZf7rqWN%26...
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3886628682223636672&pid=13058&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&hn_ver=78&fid=10b0758b-fd9f-4910-9618-50c5fd90b4cd&dsp=pu...
37 B
37 B
Image
General
Full URL
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3886628682223636672&pid=13058&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&hn_ver=78&fid=10b0758b-fd9f-4910-9618-50c5fd90b4cd&dsp=pub_common&dsp_uid=a6e95981-e7b0-4b51-8697-d6a250e6a6ec&dsp=TTD&dsp_uid=77c79248-d765-4dff-b399-d5cbd1628181
Protocol
H2
Server
34.255.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-52-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 04 Sep 2024 01:58:23 GMT
date
Wed, 04 Sep 2024 01:58:23 GMT
content-length
37
p3p
CP="NOI DEV ADM"

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:22 GMT
an-x-request-uuid
5b4ac0fe-0549-4e80-b2cb-f2e7b79438ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3886628682223636672&pid=13058&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&hn_ver=78&fid=10b0758b-fd9f-4910-9618-50c5fd90b4cd&dsp=pub_common&dsp_uid=a6e95981-e7b0-4b51-8697-d6a250e6a6ec&dsp=TTD&dsp_uid=77c79248-d765-4dff-b399-d5cbd1628181
x-proxy-origin
166.0.205.70; 166.0.205.70; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7A25AC93-1E74-489E-BD48-53BB2C0A1325
0
215 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7A25AC93-1E74-489E-BD48-53BB2C0A1325
Protocol
H2
Server
34.255.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-52-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
date
Wed, 04 Sep 2024 01:58:23 GMT
expires
Wed, 04 Sep 2024 01:58:23 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7A25AC93-1E74-489E-BD48-53BB2C0A1325
date
Wed, 04 Sep 2024 01:58:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
securepubads.g.doubleclick.net/gampad/
424 B
174 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=133855055700708&correlator=4225140294519638&eid=31079956%2C31083339%2C31086287&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&gpp_sid=-1&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373734998fb531abee85aca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&sfv=1-0-40&eri=32&sc=1&cookie=ID%3D8478ca8ec504794c%3AT%3D1725415101%3ART%3D1725415101%3AS%3DALNI_Mb7SP7aZCoxMXo7tEq7a9yOw0T67g&gpic=UID%3D00000eda11b547a9%3AT%3D1725415101%3ART%3D1725415101%3AS%3DALNI_MbncePcFOGnCg918hWDBSXygM5z-w&abxe=1&dt=1725415102851&lmt=1700584689&adxs=45&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&vis=1&psz=160x270&msz=160x250&fws=4&ohw=160&td=1&egid=41883&tan=60ba7ec0-5abb-4137-b788-37617eda6a23&tdf=2&topics=3&tps=3&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDc4YzFlMjUyLWQ0NjgtNDJiYy1iMDQ5LWU0NzA4MDMxYTA3NVgB&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725415098019&idt=2879&ppid=78c1e252d46842bcb049e4708031a075&prev_scp=hb_pb%3D0.08%26hb_adid%3D6373734998fb531abee85aca-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D26b66001-v8.38.0%26pg_ld_id%3D2d4fc4a3-967a-417b-b5af-faade7444fdb%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373734998fb531abee85aca%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dlinux%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2024-08-01%252011%253A49%253A44%26ta_si%3D160x600%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D4bfa7fd4-dca6-4c36-9e3b-f366a98ec08d%26tpcs%3Dunknown%26cdl%3D%26do%3Dfile.io%26st_ty%3Dvert%26bf_br%3D44628884%26af_im%3D54120925%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=testgroup%3D79&adks=395328347&frm=20&eo_id_str=ID%3D155faa007ca86bc9%3AT%3D1725415101%3ART%3D1725415101%3AS%3DAA-AfjbUGxfVYIaxNROk5PDyvBXQ
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36095e3b157249af9b5f4999e86055407a3fbb584716af67a1048ad40b1331fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RmA1FbT_N_XPdt8sCgFg_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RmA1FbT_N_XPdt8sCgFg_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDj2_b23jU3gwtKF65mVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpYGRnoF5fIEBAHunLog"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
page-data.json
www.file.io/page-data/plans/
141 B
0
XHR
General
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 15:05:16 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
68CBT34CSXMJBZ8K
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
39187
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
e5OOW/NJYRDNSfMBqkvEgENiqA1N9FCKFM39PQUhfKYiYwq8yN1a+LyBafWFVsIuaurQvNsr/mOr9yUnCqN7iw==
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
6VLm2HYTiT8gXUHZuPYF7TjqN2D3BMBCPeWHlOKE1gc2-EXI7xbWzQ==
component---src-pages-plans-index-js-a1b4f4dd8917abd3cd24.js
www.file.io/
0
966 B
Other
General
Full URL
https://www.file.io/component---src-pages-plans-index-js-a1b4f4dd8917abd3cd24.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 16:54:37 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
F9YKVKZ3QP2XX2X1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
24743026
x-cache
Hit from cloudfront
content-length
473
x-amz-id-2
o3iGsTu9APx8ig4hbhP7tN6bsb76h7mM/AFxfBQ6pHbBhvh/0dvTmkHgRVygn1lMConeUoUKq1M=
last-modified
Tue, 21 Nov 2023 16:38:08 GMT
server
AmazonS3
etag
"7145b9473a208226d7636a9a75abd75c"
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rbzt305jRtCgu4xuTr8PtS0uhflg6s6CG7g_LUM20RkVpYZjO8q7mw==
page-data.json
www.file.io/page-data/signup/
137 B
0
XHR
General
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:54:41 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
NAFPAWDKT8FS0A42
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
39822
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
Q43qi7+GXMPHumi72G/Yxe62PSrv7Fp2krdXtbKa67Pr2N6pwdF9aoNHDIzr2wk4+VzuQ/WNlSs=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
MyqBIxizvRmScBsh5M6ARn5tDJX7-EwnYBNWyrE6Pznk8paq0B6F8w==
page-data.json
www.file.io/page-data/developers/
163 B
0
XHR
General
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:54:56 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
NAFX5S9N06Y4WDFV
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
39807
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
eSNoEnjxOQXBm+OCfyBz6LjuqVJr8CEZJTeI4wo/H/t2gX4iMRf0MsZgQMlL9/1UqpKZ4Z7T+F0=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
7PSEmozhdgGe7DwYs7zpDVt5VclAvW9H7j0cX3UwP8AiS8VBR4kDKw==
page-data.json
www.file.io/page-data/about/
147 B
0
XHR
General
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:18:56 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
RGQGRXMMZE45Q3RQ
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
70767
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
fjOIrkHM58FyDjL+qORw0lCXxD83A/5kXhm/EAiczPDi92tLsxlm4WOdYeXmjm/xBA5Uon9Oimo=
last-modified
Tue, 21 Nov 2023 16:38:11 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
ZyQAY7QTixE5PWFRDa81ppfeX1dRphvH9loa8W3MdHxdl76VutmH8g==
component---src-pages-signup-js-fd1b49bd14e389fae668.js
www.file.io/
0
6 KB
Other
General
Full URL
https://www.file.io/component---src-pages-signup-js-fd1b49bd14e389fae668.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 10:06:27 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
HK2DXMG7PE9YG9M9
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
21484315
x-cache
Hit from cloudfront
x-amz-id-2
0CamyXo686Cd172uNRLvsL22qIzZHhosf33ikSoO5RCsnl0NlAUN8EEA4O5/o7SVZI6LaFjaAAU=
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
etag
W/"ff348576400c36f50f410e7387c7ce32"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
oAQiltYbmFVQXp8dJP1Ms3aWofO4HPLWAHO3RF3mZy4qNZhbWh2Gog==
component---src-pages-developers-index-js-a7859f6a3a3afc3f07c9.js
www.file.io/
0
163 KB
Other
General
Full URL
https://www.file.io/component---src-pages-developers-index-js-a7859f6a3a3afc3f07c9.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 05:06:49 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
HVBTJHDA32HHSQV1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
11479894
x-cache
Hit from cloudfront
x-amz-id-2
Rfv6x0WHxjW/NwM7ks/8Ya/IjunsyFImlShfL4OjcAwfG7S8psgzIITTNujf5fFFuMLi8zAox+Y=
last-modified
Tue, 21 Nov 2023 16:38:07 GMT
server
AmazonS3
etag
W/"1b4fa957d78fef16878e49afd25feb5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
mbOW17zeZp-Gc3NagtNpNVpG3h1Lz2ZmJnBbtz4PL-kVqMI5ogdBzw==
component---src-pages-about-js-d5659205ab31e042f35a.js
www.file.io/
0
1 KB
Other
General
Full URL
https://www.file.io/component---src-pages-about-js-d5659205ab31e042f35a.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 31 May 2024 07:34:20 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
2FGBXF3Y1TN5F4M0
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
8274243
x-cache
Hit from cloudfront
x-amz-id-2
/2ChDY/fYGK7XGYlRGMq8gVpaxdPdMNaY7Y4b+ooNvle/lFWKgYdt0CyjT8OYWJUciZCRenNcmY=
last-modified
Tue, 21 Nov 2023 16:38:06 GMT
server
AmazonS3
etag
W/"427e2ebf785382e93e1575e427b3970a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
QAjeKUFJIXf7vEv8yY3MoC_GXwcBhpl1HHw0rBoyO15ZGDiLUl4rWQ==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5787
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1603
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 01:31:40 GMT
expires
Thu, 04 Sep 2025 01:31:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 81F4
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hPLlPP5Ws-6MXkt8umzGPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hPLlPP5Ws-6MXkt8umzGPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 01:58:23 GMT
expires
Wed, 04 Sep 2024 01:58:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
66d0595efb0d27de3c066222
feed.avplayer.com/backend/api/playlist/
3 KB
1 KB
XHR
General
Full URL
https://feed.avplayer.com/backend/api/playlist/66d0595efb0d27de3c066222?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:65::17d3:f199 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b1fcc1c19ba2736a373cd125893141e4f1b082ab447929c6fe5093eaa9157b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
server-timing
bootstrap;desc="Bootstrap";dur=11.24906539917, app;desc="App";dur=4, total;desc="Total";dur=15.926837921143,
content-length
772
expires
Wed, 04 Sep 2024 02:58:23 GMT
avcplayer.js
player.avplayer.com/script/8.3/v/
553 KB
155 KB
Script
General
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
57892748a3d22553cb2439fc655fae8fe44ba147b54b5cdc039fb7c627a2052b

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:23 GMT
content-encoding
gzip
x-guploader-uploadid
AD-8ljtdxyPpVP4Ta-syG6yhFs-zTfpTmC6birwXz-jQyr4v5LoCWM_9jmiyOTMBU0QFEemcEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
158280
last-modified
Mon, 02 Sep 2024 08:25:36 GMT
server
UploadServer
etag
"49c5c1dfcd20f64687f98345719c9932"
vary
Accept-Encoding
x-goog-generation
1725265536316475
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=q0yePw==, md5=ScXB380g9kaH+YNFcZyZMg==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=300
x-goog-stored-content-length
158280
accept-ranges
bytes
expires
Wed, 04 Sep 2024 02:03:23 GMT
track
track4.aniview.com/
0
169 B
Image
General
Full URL
https://track4.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1725415103075&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=GoogleSignals&d66=8&d74=&e=playerLoaded&cpid=66d0595efb0d27de3c066222&str=viewable
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
sas-banner-1.7.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame DD95
41 KB
0
Script
General
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.7.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cd Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
15423633a798d9076f73d7ea9a9fa674cf34b22eba5413a46975d21fd4a1b005

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2024 13:26:35 GMT
Server
AkamaiNetStorage
ETag
"d0e5f78b8aebd906643dbbfa1eec3d4b:1718289570.165862"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13700
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame CFBD
0
0
Document
General
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2289dd86e3-9d2c-4e52-ac5d-50c9c8660928%22%2c%22adomain%22%3a%22structube.com%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%22f195585e-4918-4d0d-ba8a-59a573ba987c%22%2c%22dsp%22%3a%2280%22%2c%22buyer%22%3a%22204598%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-8077188547423890240%22%7d
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Wed, 04 Sep 2024 01:58:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Thu, 05 Sep 2024 01:58:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
adchoices.css
content.quantcount.com/adchoices/ Frame EE42
4 KB
1 KB
Stylesheet
General
Full URL
https://content.quantcount.com/adchoices/adchoices.css
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-74.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 05:55:28 GMT
content-encoding
gzip
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
age
72177
x-amz-server-side-encryption
AES256
etag
W/"e9cda1f80f07c09ccf744883048aefa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Pe90j2qj8fiWlwDzgyqyhF93maaq0DKfatdqaGB2LV0tP0_z1cQ7vA==
597f253e3b81df455603d216149e6e81b2605344
assets.quantcount.com/ Frame EE42
131 KB
131 KB
Image
General
Full URL
https://assets.quantcount.com/597f253e3b81df455603d216149e6e81b2605344
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-8.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2df7e1bbe8dcc18b85e5abd2664d9b1d8503b3c1663d98bf6e1c7299a85ab58

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
via
1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
214
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
content-length
134018
last-modified
Tue, 30 Jul 2024 21:21:26 GMT
server
AmazonS3
etag
"7da682d93365d3b39c6ba396c81418ad"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
nxQk7Vb1Gm9w7EUX7WtI2gLgp9iRx1dJsnNY8liP97U4-yX4lWIRQA==
adc.png
content.quantcount.com/adchoices/img/ Frame EE42
2 KB
2 KB
Image
General
Full URL
https://content.quantcount.com/adchoices/img/adc.png
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-74.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 09:32:11 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
age
59174
x-amz-server-side-encryption
AES256
etag
"be8b83ebe85cdd616b60a6877191ce5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
1828
x-amz-cf-id
F_31FR2vm5X3RyZGE5czGaYqQzkO0bb0G9AzoVUhuveVNOVXWTA3sg==
moatad.js
z.moatads.com/quantcastv2691176990399/ Frame EE42
338 KB
115 KB
Script
General
Full URL
https://z.moatads.com/quantcastv2691176990399/moatad.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
71db7c122a50c94750063e0ea43ee1e3e8a94fa053874830629e94e838ce433d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Sep 2024 01:58:24 GMT
content-md5
UwTq04gdmuhe2+2FEMEysA==
storage-tier
Standard
content-length
116793
last-modified
Tue, 04 Jun 2024 17:59:48 GMT
opc-request-id
iad-1:6ukatg8EWMm8-g2KcCmfRQe87odPiaLHrKvSly6MSvIIKAYYXU-v6CdVd_Ml0Eys
x-api-id
native
etag
c9b42fbc-84e3-47e0-bf23-48ac96f8fa90
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
451979c7-113a-40da-b13d-2fed71c9e66f
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=8016
access-control-allow-credentials
true
accept-ranges
bytes
aip
use1.smartadserver.com/h/ Frame EE42
43 B
231 B
Image
General
Full URL
https://use1.smartadserver.com/h/aip?uii=2316563478208986110&tmstp=2493344886&ckid=1258711338625529586&systgt=%24qc%3d1307149725%3b%24ql%3dHigh%3b%24qpc%3dh2y+2j7%3b%24qt%3d93_1012_37935t%3b%24dma%3d0%3b%24qo%3d6%3b%24b%3d16999%3b%24o%3d99999&acd=1725415101258&envtype=0&opid=0739416c-7278-4a7e-b9cc-57eacb9f621a&opdt=1725415101258&siteid=321135&tgt=%24dt%3d1t&gdpr=0&bldv=18807&visit=S&statid=1&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fwww.file.io%2fz8Va%2fdownload%2fbdjrHZf7rqWN&cappid=1258711338625529586&capp=0&mcrdbt=0&insid=8894466&imgid=0&pgid=1143513&fmtid=82113&isLazy=0&rtb=1&rtbnid=3490&rtbbid=6777228477034914138&rtbh=11db7e05f68a146870adbf063df60d5d23714403&rtblt=638610119012627900&rtbet=0&rtbptnid=80&cftgid=0d0b7254a7c3
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
no-cache,no-store
api-supported-versions
1.0
content-type
image/gif
p-9fYuixa7g_Hm2.gif
pixel.quantcount.com/pixel/ Frame EE42
35 B
210 B
Image
General
Full URL
https://pixel.quantcount.com/pixel/p-9fYuixa7g_Hm2.gif?labels=_qc.spend,_qc.image.imp&rtbdata2=EBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYABjcuq_AG6ARMxMjU4NzExMzM4NjI1NTI5NTg2wAGA8QTIAeGmhNabMtoBJGU1MWY0Nzk0LTE4YTItNDY1MC04YmNjLTk1NzlhOWUwZTQ3NbACDsgCANACzuGG-_if98ypAegCJPICDQgkEImRz4DQu-Hw3AHyAg8I6PkoEIj6teibz-TL5QH4AgCKAwQzNDkwkgMIc21hcnRfYWSYAwCoAwCyAwSmAM1GugMSCcxG6rTGoRnPETw-NeYNeQubwgMSCQ1NGEleWJXxEXyYunOlWYq6yAOagMAT2APL_PrsB-IDD3AtVXFYMVBzVUpjTmdWc-oDBgjKBxD6AfIDCWgzaCUyMDBhMfgDAIAEwgOKBAI3N5oEEgkBQiIlQ8XFPhGUPqCfjBz_vKIEEgnMRuq0xqEZzxE8PjXmDXkLm6oEEgnMRuq0xqEZzxE8PjXmDXkLm7gEqAHQBCTyBAJDQYAFAYoFKjIwMGZhMWRkNTY5MzY2NmI1ZmFmY2QzZjlmMjNjMWRlMzFkNDFmMzYxY5AFAZoFFSAPod1Wk2ZrX6_NP58jwd4x1B82HKIFJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPbgFAMAFy_z67AfIBcbiqATSBQYIAhACGAroBQeaBhQKEgkBQiIlQ8XFPhGUPqCfjBz_vKAGAKgGtsSANLUG0WAXOLoGPgoCQ0ESAlFDGK7MByIIbW9udHJlYWwqCWgzaCUyMDBhMTobYWNlJTIwZGF0YSUyMGNlbnRlcnMlMjBpbmMuyQauSDJhq9vqBdAGHtgGHuIGGV9mcC5ldmVudC5Db252ZXJzaW9uIFBhZ2XqBhVodHRwczovL3N0cnVjdHViZS5jb23xBgEYMmGr2-oF
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Aug 1978 12:00:00 GMT
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
content-type
image/gif
p-UqX1PsUJcNgVs.gif
pixel.quantserve.com/pixel/ Frame EE42
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-UqX1PsUJcNgVs.gif?&media=ad&p=0.08&r=213755&rand=2107555403&labels=_qc.imp,_imp.adserver.rtb,_imp.qccampaign.0,_imp.flight.0,_imp.lineitem.0&rtbip=192.184.73.143&rtbdata2=EBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYABjcuq_AG6ARMxMjU4NzExMzM4NjI1NTI5NTg2wAGA8QTIAeGmhNabMtoBJGU1MWY0Nzk0LTE4YTItNDY1MC04YmNjLTk1NzlhOWUwZTQ3NbACDsgCANACzuGG-_if98ypAegCJPICDQgkEImRz4DQu-Hw3AHyAg8I6PkoEIj6teibz-TL5QH4AgCKAwQzNDkwkgMIc21hcnRfYWSYAwCoAwCyAwSmAM1GugMSCcxG6rTGoRnPETw-NeYNeQubwgMSCQ1NGEleWJXxEXyYunOlWYq6yAOagMAT2APL_PrsB-IDD3AtVXFYMVBzVUpjTmdWc-oDBgjKBxD6AfIDCWgzaCUyMDBhMfgDAIAEwgOKBAI3N5oEEgkBQiIlQ8XFPhGUPqCfjBz_vKIEEgnMRuq0xqEZzxE8PjXmDXkLm6oEEgnMRuq0xqEZzxE8PjXmDXkLm7gEqAHQBCTyBAJDQYAFAYoFKjIwMGZhMWRkNTY5MzY2NmI1ZmFmY2QzZjlmMjNjMWRlMzFkNDFmMzYxY5AFAZoFFSAPod1Wk2ZrX6_NP58jwd4x1B82HKIFJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPbgFAMAFy_z67AfIBcbiqATSBQYIAhACGAroBQeaBhQKEgkBQiIlQ8XFPhGUPqCfjBz_vKAGAKgGtsSANLUG0WAXOLoGPgoCQ0ESAlFDGK7MByIIbW9udHJlYWwqCWgzaCUyMDBhMTobYWNlJTIwZGF0YSUyMGNlbnRlcnMlMjBpbmMuyQauSDJhq9vqBdAGHtgGHuIGGV9mcC5ldmVudC5Db252ZXJzaW9uIFBhZ2XqBhVodHRwczovL3N0cnVjdHViZS5jb23xBgEYMmGr2-oF&fpan=1&fpa=P0-823980441-1725415100531&d=file.io&et=1725415103286&sr=1600x1200x24&tzo=420
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 11 Sep 2024 01:58:23 GMT
date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
attribution-reporting-register-source
{"destination":"https://structube.com","source_event_id":"426394643856496641","expiry":"604800","filter_data":{"label":["WERIfQAzUJuvMV0wI+2pow=="],"pcode":["p-UqX1PsUJcNgVs"]}}
content-length
35
content-type
image/gif
action
www14.smartadserver.com/track/ Frame A329
43 B
141 B
Image
General
Full URL
https://www14.smartadserver.com/track/action?sid=1725415102130&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=impressionsonrender&rtb=1&rtbbid=6777228477034914138&rtbet=0&rtblt=638610119012627900&rtbnid=3490&rtbh=11db7e05f68a146870adbf063df60d5d23714403&ts=1725415102130
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

api-supported-versions
1.0
date
Wed, 04 Sep 2024 01:58:23 GMT
content-type
image/gif
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 4717
0
0
Document
General
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2251436081-8f40-4701-9062-00aa05e13a8f%22%2c%22adomain%22%3a%22voila.ca%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%222f445ebe-b4e5-49ca-91fa-9484cd9b1013%22%2c%22dsp%22%3a%2280%22%2c%22buyer%22%3a%22204445%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%228721827343437296165%22%7d
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Wed, 04 Sep 2024 01:58:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Thu, 05 Sep 2024 01:58:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
adchoices.css
content.quantcount.com/adchoices/ Frame 5174
4 KB
0
Stylesheet
General
Full URL
https://content.quantcount.com/adchoices/adchoices.css
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-74.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 05:55:28 GMT
content-encoding
gzip
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
age
72177
x-amz-server-side-encryption
AES256
etag
W/"e9cda1f80f07c09ccf744883048aefa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Pe90j2qj8fiWlwDzgyqyhF93maaq0DKfatdqaGB2LV0tP0_z1cQ7vA==
dcmads.js
www.googletagservices.com/dcm/ Frame 5174
18 KB
8 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
sffe /
Resource Hash
47866b8d2915779096be19131efecce0297c2a0c37f581c4e6ee187b13ebb8ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7940
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 14:32:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 04 Sep 2024 02:25:18 GMT
adc.png
content.quantcount.com/adchoices/img/ Frame 5174
2 KB
0
Image
General
Full URL
https://content.quantcount.com/adchoices/img/adc.png
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-74.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 09:32:11 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
age
59174
x-amz-server-side-encryption
AES256
etag
"be8b83ebe85cdd616b60a6877191ce5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
1828
x-amz-cf-id
F_31FR2vm5X3RyZGE5czGaYqQzkO0bb0G9AzoVUhuveVNOVXWTA3sg==
moatad.js
z.moatads.com/quantcastv2691176990399/ Frame 5174
338 KB
0
Script
General
Full URL
https://z.moatads.com/quantcastv2691176990399/moatad.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
71db7c122a50c94750063e0ea43ee1e3e8a94fa053874830629e94e838ce433d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
UwTq04gdmuhe2+2FEMEysA==
storage-tier
Standard
content-length
116793
last-modified
Tue, 04 Jun 2024 17:59:48 GMT
opc-request-id
iad-1:6ukatg8EWMm8-g2KcCmfRQe87odPiaLHrKvSly6MSvIIKAYYXU-v6CdVd_Ml0Eys
x-api-id
native
etag
c9b42fbc-84e3-47e0-bf23-48ac96f8fa90
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
451979c7-113a-40da-b13d-2fed71c9e66f
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=8016
access-control-allow-credentials
true
accept-ranges
bytes
aip
use1.smartadserver.com/h/ Frame 5174
43 B
231 B
Image
General
Full URL
https://use1.smartadserver.com/h/aip?uii=2493844176666955863&tmstp=3057214572&ckid=8452238319077029474&systgt=%24qc%3d1307149725%3b%24ql%3dHigh%3b%24qpc%3dh2y+2j7%3b%24qt%3d93_1012_37935t%3b%24dma%3d0%3b%24qo%3d6%3b%24b%3d16999%3b%24o%3d99999&acd=1725415101258&envtype=0&opid=c1de261d-62b6-4f43-a40a-b78def3e5ca7&opdt=1725415101258&siteid=321135&tgt=%24dt%3d1t&gdpr=0&bldv=18807&visit=S&statid=1&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fwww.file.io%2fz8Va%2fdownload%2fbdjrHZf7rqWN&cappid=8452238319077029474&capp=0&mcrdbt=0&insid=8894466&imgid=0&pgid=1143513&fmtid=82113&isLazy=0&rtb=1&rtbnid=3490&rtbbid=7722781496954960692&rtbh=7391fcc3c2607b1452c8da3c7894e8fdf3ac4155&rtblt=638610119012621249&rtbet=0&rtbptnid=80&cftgid=58944dd20cb5
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
no-cache,no-store
api-supported-versions
1.0
content-type
image/gif
p-9fYuixa7g_Hm2.gif
pixel.quantcount.com/pixel/ Frame 5174
35 B
210 B
Image
General
Full URL
https://pixel.quantcount.com/pixel/p-9fYuixa7g_Hm2.gif?labels=_qc.spend,_qc.image.imp&rtbdata2=EBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB4uWkoAy6ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAd2mhNabMtoBJDNhNTE2NjQ1LTkxY2YtNGE4ZS05NzkwLTJhMDgyYzgzYjI2ZbACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwjD7SgQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJyknltL5eRC8RExCbzYSU-pHIA5qAwBPYA6yHppAH4gMPcC1Gem1LYUJCczNyMHNt6gMGCKwCEPoB8gMJaDNoJTIwMGEx-AMAgASGDYoEBDExNzKaBBIJ5EimVZSqcW4R6gwc-NjCRoSiBBIJ60MSjTroZ_cRR_Nb4YudFaKqBBIJ60MSjTroZ_cRR_Nb4YudFaK4BKgB0AQg8gQCQ0GABQGKBSoyMDBmYTFkZDU2OTM2NjZiNWZhZmNkM2Y5ZjIzYzFkZTMxZDQxZjM2MWOQBQGaBRUgD6HdVpNma1-vzT-fI8HeMdQfNhyiBSRKUHk5X3czLXA2b003WnpCR2RDYXJpelcySzBsOHcyeVRxST24BQDABdT42e8IyAXkzagE0gUGCAIQAxgT4AUB6AUHmgYUChIJ5EimVZSqcW4R6gwc-NjCRoSgBgCoBo7C-xK1Bi8PBzi6Bj4KAkNBEgJRQxiuzAciCG1vbnRyZWFsKgloM2glMjAwYTE6G2FjZSUyMGRhdGElMjBjZW50ZXJzJTIwaW5jLskGN5A0Xavb6gXQBg7YBh7iBh9fZnAuZXZlbnQuUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYQaHR0cHM6Ly92b2lsYS5jYfEGATg0Xavb6gU
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Aug 1978 12:00:00 GMT
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
content-type
image/gif
p-FzmKaBBs3r0sm.gif
pixel.quantserve.com/pixel/ Frame 5174
35 B
366 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-FzmKaBBs3r0sm.gif?&media=ad&p=0.08&r=979828&rand=1913226156&labels=_qc.imp,_imp.adserver.rtb,_imp.qccampaign.0,_imp.flight.0,_imp.lineitem.0&rtbip=192.184.73.138&rtbdata2=EBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB4uWkoAy6ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAd2mhNabMtoBJDNhNTE2NjQ1LTkxY2YtNGE4ZS05NzkwLTJhMDgyYzgzYjI2ZbACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwjD7SgQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJyknltL5eRC8RExCbzYSU-pHIA5qAwBPYA6yHppAH4gMPcC1Gem1LYUJCczNyMHNt6gMGCKwCEPoB8gMJaDNoJTIwMGEx-AMAgASGDYoEBDExNzKaBBIJ5EimVZSqcW4R6gwc-NjCRoSiBBIJ60MSjTroZ_cRR_Nb4YudFaKqBBIJ60MSjTroZ_cRR_Nb4YudFaK4BKgB0AQg8gQCQ0GABQGKBSoyMDBmYTFkZDU2OTM2NjZiNWZhZmNkM2Y5ZjIzYzFkZTMxZDQxZjM2MWOQBQGaBRUgD6HdVpNma1-vzT-fI8HeMdQfNhyiBSRKUHk5X3czLXA2b003WnpCR2RDYXJpelcySzBsOHcyeVRxST24BQDABdT42e8IyAXkzagE0gUGCAIQAxgT4AUB6AUHmgYUChIJ5EimVZSqcW4R6gwc-NjCRoSgBgCoBo7C-xK1Bi8PBzi6Bj4KAkNBEgJRQxiuzAciCG1vbnRyZWFsKgloM2glMjAwYTE6G2FjZSUyMGRhdGElMjBjZW50ZXJzJTIwaW5jLskGN5A0Xavb6gXQBg7YBh7iBh9fZnAuZXZlbnQuUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYQaHR0cHM6Ly92b2lsYS5jYfEGATg0Xavb6gU&fpan=1&fpa=P0-823980441-1725415100531&d=file.io&et=1725415103411&sr=1600x1200x24&tzo=420
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 11 Sep 2024 01:58:23 GMT
date
Wed, 04 Sep 2024 01:58:23 GMT
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
attribution-reporting-register-source
{"destination":"https://voila.ca","source_event_id":"426394643789527041","expiry":"604800","filter_data":{"label":["3o2e2QHbYNclLHxdwuIYNQ=="],"pcode":["p-FzmKaBBs3r0sm"]}}
content-length
35
content-type
image/gif
action
www14.smartadserver.com/track/ Frame 9BC8
43 B
141 B
Image
General
Full URL
https://www14.smartadserver.com/track/action?sid=1725415102184&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=impressionsonrender&rtb=1&rtbbid=7722781496954960692&rtbet=0&rtblt=638610119012621249&rtbnid=3490&rtbh=7391fcc3c2607b1452c8da3c7894e8fdf3ac4155&ts=1725415102184
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

api-supported-versions
1.0
date
Wed, 04 Sep 2024 01:58:23 GMT
content-type
image/gif
join-ad-interest-groups.html
proton.ad.gt/ Frame 84A2
0
0
Document
General
Full URL
https://proton.ad.gt/join-ad-interest-groups.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
ad-auction-allowed
true
age
818
apigw-requestid
djNV-iXNvHcESgg=
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8bda5fd23e64b404-YYZ
content-encoding
br
content-type
text/html
date
Wed, 04 Sep 2024 01:58:24 GMT
last-modified
Tue, 03 Sep 2024 22:36:09 GMT
server
cloudflare
supports-loading-mode
fenced-frame
vary
Accept-Encoding
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 4658
0
0
Document
General
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22e6f047cb-1e6c-495c-b4d4-5d0e4d3c33ad%22%2c%22adomain%22%3a%22voila.ca%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%22eec7f6f4-a4c0-4f42-81aa-dab7ccb8290f%22%2c%22dsp%22%3a%2280%22%2c%22buyer%22%3a%22204445%22%2c%22cid%22%3a%22%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%223350171386312118056%22%7d
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Wed, 04 Sep 2024 01:58:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Thu, 05 Sep 2024 01:58:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
adchoices.css
content.quantcount.com/adchoices/ Frame 42FE
4 KB
0
Stylesheet
General
Full URL
https://content.quantcount.com/adchoices/adchoices.css
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-74.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 05:55:28 GMT
content-encoding
gzip
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
age
72177
x-amz-server-side-encryption
AES256
etag
W/"e9cda1f80f07c09ccf744883048aefa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Pe90j2qj8fiWlwDzgyqyhF93maaq0DKfatdqaGB2LV0tP0_z1cQ7vA==
dcmads.js
www.googletagservices.com/dcm/ Frame 42FE
18 KB
0
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
sffe /
Resource Hash
47866b8d2915779096be19131efecce0297c2a0c37f581c4e6ee187b13ebb8ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7940
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 14:32:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 04 Sep 2024 02:25:18 GMT
adc.png
content.quantcount.com/adchoices/img/ Frame 42FE
2 KB
0
Image
General
Full URL
https://content.quantcount.com/adchoices/img/adc.png
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-74.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 09:32:11 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
age
59174
x-amz-server-side-encryption
AES256
etag
"be8b83ebe85cdd616b60a6877191ce5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
1828
x-amz-cf-id
F_31FR2vm5X3RyZGE5czGaYqQzkO0bb0G9AzoVUhuveVNOVXWTA3sg==
moatad.js
z.moatads.com/quantcastv2691176990399/ Frame 42FE
338 KB
0
Script
General
Full URL
https://z.moatads.com/quantcastv2691176990399/moatad.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
71db7c122a50c94750063e0ea43ee1e3e8a94fa053874830629e94e838ce433d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
UwTq04gdmuhe2+2FEMEysA==
storage-tier
Standard
content-length
116793
last-modified
Tue, 04 Jun 2024 17:59:48 GMT
opc-request-id
iad-1:6ukatg8EWMm8-g2KcCmfRQe87odPiaLHrKvSly6MSvIIKAYYXU-v6CdVd_Ml0Eys
x-api-id
native
etag
c9b42fbc-84e3-47e0-bf23-48ac96f8fa90
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
451979c7-113a-40da-b13d-2fed71c9e66f
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=8016
access-control-allow-credentials
true
accept-ranges
bytes
aip
use1.smartadserver.com/h/ Frame 42FE
43 B
231 B
Image
General
Full URL
https://use1.smartadserver.com/h/aip?uii=613929450151894313&tmstp=3821014223&ckid=8452238319077029474&systgt=%24qc%3d1307149725%3b%24ql%3dHigh%3b%24qpc%3dh2y+2j7%3b%24qt%3d93_1012_37935t%3b%24dma%3d0%3b%24qo%3d6%3b%24b%3d16999%3b%24o%3d99999&acd=1725415102078&envtype=0&opid=5969244e-9c43-4689-a6b3-de3074e61a32&opdt=1725415102078&siteid=321135&tgt=%24dt%3d1t%3b%24hc&gdpr=0&bldv=18807&visit=S&statid=1&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fwww.file.io%2fz8Va%2fdownload%2fbdjrHZf7rqWN&cappid=8452238319077029474&capp=0&mcrdbt=0&insid=8894466&imgid=0&pgid=1143513&fmtid=82113&isLazy=0&rtb=1&rtbnid=3490&rtbbid=3191600988495665838&rtbh=7c15d2d65d0d784969d1d34c6fe279050796c7c3&rtblt=638610119020821005&rtbet=0&rtbptnid=80&cftgid=9d6e4900e8b1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
cache-control
no-cache,no-store
api-supported-versions
1.0
content-type
image/gif
p-9fYuixa7g_Hm2.gif
pixel.quantcount.com/pixel/ Frame 42FE
35 B
210 B
Image
General
Full URL
https://pixel.quantcount.com/pixel/p-9fYuixa7g_Hm2.gif?labels=_qc.spend,_qc.image.imp&rtbdata2=EBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB0oiD7Q66ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAZmthNabMtoBJGJjMDA2OGI1LTlmOGEtNDczNS1iOGZjLWNlYmZlYTAyYzJmMrACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwiT4TQQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJQk_ApPT2x-4RDym4zLfaqoHIA5qAwBPYA5f39XriAw9wLUZ6bUthQkJzM3Iwc23qAwYIoAEQ2ATyAwloM2glMjAwYTH4AwCABIYNigQEMTE3MpoEEgnkSKZVlKpxbhHqDBz42MJGhKIEEgnrQxKNOuhn9xFH81vhi50VoqoEEgnrQxKNOuhn9xFH81vhi50VorgEqAHQBCDyBAJDQYAFAYoFKjIwMGZhMWRkNTY5MzY2NmI1ZmFmY2QzZjlmMjNjMWRlMzFkNDFmMzYxY5AFAZoFFSAPod1Wk2ZrX6_NP58jwd4x1B82HKIFJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPbgFAMAFl_f1esgF5M2oBNIFBggCEAQYI-gFB5oGFAoSCeRIplWUqnFuEeoMHPjYwkaEoAYAqAbKyPsStQboDwc4ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBkIQN5mu2-oF0AYO2AYe4gYfX2ZwLmV2ZW50LlB1cmNoYXNlIENvbmZpcm1hdGlvbuoGEGh0dHBzOi8vdm9pbGEuY2HxBgOANpmu2-oF
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Aug 1978 12:00:00 GMT
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
content-type
image/gif
p-FzmKaBBs3r0sm.gif
pixel.quantserve.com/pixel/ Frame 42FE
35 B
366 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-FzmKaBBs3r0sm.gif?&media=ad&p=0.08&r=956761&rand=257784727&labels=_qc.imp,_imp.adserver.rtb,_imp.qccampaign.0,_imp.flight.0,_imp.lineitem.0&rtbip=192.184.73.166&rtbdata2=EBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB0oiD7Q66ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAZmthNabMtoBJGJjMDA2OGI1LTlmOGEtNDczNS1iOGZjLWNlYmZlYTAyYzJmMrACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwiT4TQQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJQk_ApPT2x-4RDym4zLfaqoHIA5qAwBPYA5f39XriAw9wLUZ6bUthQkJzM3Iwc23qAwYIoAEQ2ATyAwloM2glMjAwYTH4AwCABIYNigQEMTE3MpoEEgnkSKZVlKpxbhHqDBz42MJGhKIEEgnrQxKNOuhn9xFH81vhi50VoqoEEgnrQxKNOuhn9xFH81vhi50VorgEqAHQBCDyBAJDQYAFAYoFKjIwMGZhMWRkNTY5MzY2NmI1ZmFmY2QzZjlmMjNjMWRlMzFkNDFmMzYxY5AFAZoFFSAPod1Wk2ZrX6_NP58jwd4x1B82HKIFJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPbgFAMAFl_f1esgF5M2oBNIFBggCEAQYI-gFB5oGFAoSCeRIplWUqnFuEeoMHPjYwkaEoAYAqAbKyPsStQboDwc4ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBkIQN5mu2-oF0AYO2AYe4gYfX2ZwLmV2ZW50LlB1cmNoYXNlIENvbmZpcm1hdGlvbuoGEGh0dHBzOi8vdm9pbGEuY2HxBgOANpmu2-oF&fpan=1&fpa=P0-823980441-1725415100531&d=file.io&et=1725415103565&sr=1600x1200x24&tzo=420
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 11 Sep 2024 01:58:24 GMT
date
Wed, 04 Sep 2024 01:58:24 GMT
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
attribution-reporting-register-source
{"destination":"https://voila.ca","source_event_id":"426394657681211395","expiry":"604800","filter_data":{"label":["3o2e2QHbYNclLHxdwuIYNQ=="],"pcode":["p-FzmKaBBs3r0sm"]}}
content-length
35
content-type
image/gif
action
www14.smartadserver.com/track/ Frame DD95
43 B
141 B
Image
General
Full URL
https://www14.smartadserver.com/track/action?sid=1725415103148&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=impressionsonrender&rtb=1&rtbbid=3191600988495665838&rtbet=0&rtblt=638610119020821005&rtbnid=3490&rtbh=7c15d2d65d0d784969d1d34c6fe279050796c7c3&ts=1725415103148
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

api-supported-versions
1.0
date
Wed, 04 Sep 2024 01:58:23 GMT
content-type
image/gif
p-UqX1PsUJcNgVs.gif
pixel-ssn.quantcount.com/pixel/ Frame EE42
Redirect Chain
  • https://exch.quantcount.com/pixel/p-UqX1PsUJcNgVs.gif?iid=426394643856496641&labels=_qc.extra_user_agent&platform=&platformVersion=&model=
  • https://pixel-ssn.quantcount.com/pixel/p-UqX1PsUJcNgVs.gif?iid=426394643856496641&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=943fadb2-935b-4e6e-a5ab-7f0d199c90d9
35 B
355 B
Image
General
Full URL
https://pixel-ssn.quantcount.com/pixel/p-UqX1PsUJcNgVs.gif?iid=426394643856496641&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=943fadb2-935b-4e6e-a5ab-7f0d199c90d9
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-UqX1PsUJcNgVs"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-UqX1PsUJcNgVs"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
location
https://pixel-ssn.quantcount.com/pixel/p-UqX1PsUJcNgVs.gif?iid=426394643856496641&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=943fadb2-935b-4e6e-a5ab-7f0d199c90d9
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
track_enc
track.venatusmedia.com/dual/
16 B
161 B
XHR
General
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.192.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-192-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:24 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
p-FzmKaBBs3r0sm.gif
pixel-ssn.quantcount.com/pixel/ Frame 5174
Redirect Chain
  • https://exch.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394643789527041&labels=_qc.extra_user_agent&platform=&platformVersion=&model=
  • https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394643789527041&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a493b77c-11bb-4f3f-97e3-926c0129d5f3
35 B
354 B
Image
General
Full URL
https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394643789527041&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a493b77c-11bb-4f3f-97e3-926c0129d5f3
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-FzmKaBBs3r0sm"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-FzmKaBBs3r0sm"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
location
https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394643789527041&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a493b77c-11bb-4f3f-97e3-926c0129d5f3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WZuZu4XB22uNF_w7iI6sRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-WZuZu4XB22uNF_w7iI6sRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0gDi9BmsQUDsrnWR1R-Il0RcZD2UeJF178dLrEeBWIib48Dfe9vYBDY82pig5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMLA2M9AzM4wsMAFwALmM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUWEAwxuvkT6Iw_yBjdJE8MP6JaUavviLnX6z7PyTJTPWb2JiyZytTaFO6QusUPt4VzUigTkugo7wPqzGwSOmzdmaz6gulmWDYH3D-vyOa0h2DK8EiVPfIgyPICkadWYi7jG90VYg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qIlQpEWo82tp-fUz4AHNuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qIlQpEWo82tp-fUz4AHNuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDkO_L23jU3gxJ_PSUouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDSwEjPwDy-wAAAgpUu5A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX9fmvci9pUoVRW8S5vZW06MSfwEiijH2qJGBBc7X15sI0khjuSkDeRvyJjNCagOj1tA9uRFbprlDtc1mrVdOkVQEn8s48Bkw7-a3OvSWnBcbXlMxhGZgUieUvlO5kLzuuBoKK1tg==
fundingchoicesmessages.google.com/f/
8 KB
3 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX9fmvci9pUoVRW8S5vZW06MSfwEiijH2qJGBBc7X15sI0khjuSkDeRvyJjNCagOj1tA9uRFbprlDtc1mrVdOkVQEn8s48Bkw7-a3OvSWnBcbXlMxhGZgUieUvlO5kLzuuBoKK1tg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1NDE1MTA0LDE2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZpbGUuaW8vejhWYS9kb3dubG9hZC9iZGpySFpmN3JxV04iLG51bGwsW1s4LCJmcEZCU2hKekJGSSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10f11b81a495bb23b3255a7268b9e9f4defeadfd46674f1499f1733eea04ff1e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hZv3AggPHAqY-PqXv41nhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-hZv3AggPHAqY-PqXv41nhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtHikmJw0pBiUAzbyXTy1m2mi0B83ukO03Uglvj6kkkDiJ3SZ7AGAbFP_QzWGCBuvXmOdSoQJ_07z1oExO5aF1n9gXhJxEXWQ4kXWQ0VLrE6ArFqzyVWUyC-v-4S63Mg3vvxEutRIBbi5jjw9942NoEV93szlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLA2M9AxM4wsMALfmR_c"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
p-FzmKaBBs3r0sm.gif
pixel-ssn.quantcount.com/pixel/ Frame 42FE
Redirect Chain
  • https://exch.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394657681211395&labels=_qc.extra_user_agent&platform=&platformVersion=&model=
  • https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394657681211395&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=267f7780-6728-409d-a65b-25493d178297
35 B
354 B
Image
General
Full URL
https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394657681211395&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=267f7780-6728-409d-a65b-25493d178297
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-FzmKaBBs3r0sm"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-FzmKaBBs3r0sm"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
location
https://pixel-ssn.quantcount.com/pixel/p-FzmKaBBs3r0sm.gif?iid=426394657681211395&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=267f7780-6728-409d-a65b-25493d178297
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ui.js
player.avplayer.com/script/8.3/v/
376 KB
78 KB
Script
General
Full URL
https://player.avplayer.com/script/8.3/v/ui.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5e0558e578dc1d36173b4b9e0963c81b981d9119cb7134c8f6345330b6d32797

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-encoding
gzip
x-guploader-uploadid
AD-8ljuIMrc3BSj7ieaNfjd05Z6pCgKPjQ9n1DLU5HF1EEARgaGD-Axflu6bY2tlD3Xp9caXd-bS7mHVLA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
79047
last-modified
Mon, 02 Sep 2024 08:25:36 GMT
server
UploadServer
etag
"28a22e8d986f6c5173cd4f15c255150e"
vary
Accept-Encoding
x-goog-generation
1725265536475873
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=wMWDZA==, md5=KKIujZhvbFFzzU8VwlUVDg==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=300
x-goog-stored-content-length
79047
accept-ranges
bytes
expires
Wed, 04 Sep 2024 02:03:24 GMT
AGSKWxU9rso5oAazRe5g8P3eBNMtFsY5N8OnIz1ENX7Gq7S-xOmj6tN2nnYvK6xfWVv9V-EIYG6kLjg-B2KNUJJ5X_YjLgiSErl7p9wSKZ9cT2gwkLA0VvlZaaUV9iVJdRTJd5ejWOyJNQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU9rso5oAazRe5g8P3eBNMtFsY5N8OnIz1ENX7Gq7S-xOmj6tN2nnYvK6xfWVv9V-EIYG6kLjg-B2KNUJJ5X_YjLgiSErl7p9wSKZ9cT2gwkLA0VvlZaaUV9iVJdRTJd5ejWOyJNQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1NDE1MTA0LDQxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZpbGUuaW8vejhWYS9kb3dubG9hZC9iZGpySFpmN3JxV04iLG51bGwsW1s4LCJmcEZCU2hKekJGSSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c0cd4748cf8e133d8aa6e45d42b54e257b58ec498a3e073e1270e5636c72b7d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aO4n583CRuFda5KohDj77A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aO4n583CRuFda5KohDj77A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYFYtecSqykQ3193ifU5EO_9eIn1KBAL8XAc-HtvG5vAjvk_7jMqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRhYGhjpGZjGFxgAACL-Qmg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=QUANTCAST3&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1725415104428&de=35152038867&m=0&ar=77fe5126-clean&iw=f31153f&q=2&cb=0&ym=0&cu=1725415104428&ll=1&lm=0&ln=1&r=0&em=0&en=0&d=p-UqX1PsUJcNgVs%3Aqfm%3Acf19a1c6-b4ea-46cc-9b0b-790de6353e3c%3Af195585e-4918-4d0d-ba8a-59a573ba987c&cadf=-&zMoatuid=wufM95PlxKWK48Xwlf_Jp5Li0KnFsZ68nufKqMbrmKHC5sqkD10-ag&uid=wufM95PlxKWK48Xwlf_Jp5Li0KnFsZ68nufKqMbrmKHC5sqkD10-ag&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&bo=file.io&bd=-&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=quantcastv2691176990399&fd=1&it=500&ti=0&ih=2&pe=1%3A2483%3A2483%3A2920%3A1048&jm=-1&fs=45&na=1864884840&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:24 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&ctr=0&campaign=qfm&lineitem=cf19a1c6-b4ea-46cc-9b0b-790de6353e3c&creative=f195585e-4918-4d0d-ba8a-59a573ba987c&uid=wufM95PlxKWK48Xwlf_Jp5Li0KnFsZ68nufKqMbrmKHC5sqkD10-ag&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Aug 1978 12:00:00 GMT
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
content-type
image/gif
event
p.ad.gt/api/v1/
0
35 B
XHR
General
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:25 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8bda5fd69bb1398d-YYZ
vary
Origin
impl_v101.js
www.googletagservices.com/dcm/ Frame 5174
60 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v101.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
sffe /
Resource Hash
4ad68c8b729e22717f327f8d8a5465366772f15b18a479115b0e71a450f790bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24223
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 16:06:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Sep 2025 14:25:19 GMT
envelope
lexicon.33across.com/v1/
42 B
240 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=8.38.0&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&pbt=1&lsw=1&gdpr=0
  • https://mug.criteo.com/sid?cpp=mzHOG3xWV2pvdmNDRkZUNUJIOXNORk5abDROYzRveTBiSkg1aVhOdFNuVWtyRlE5RlJxamVmRDd3eS9pWC9xSmZCc1NJZm94dTFDc3hvNUxvWFBHdktBcmVNSkIzbGhEeWRRK3NpcDBkR3lIaWw3eVlUTXcycThZanBoWC...
336 B
631 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=mzHOG3xWV2pvdmNDRkZUNUJIOXNORk5abDROYzRveTBiSkg1aVhOdFNuVWtyRlE5RlJxamVmRDd3eS9pWC9xSmZCc1NJZm94dTFDc3hvNUxvWFBHdktBcmVNSkIzbGhEeWRRK3NpcDBkR3lIaWw3eVlUTXcycThZanBoWCtlMlVvbHFWSDIraXRjYWREbXY3V3JiSWZjZFozNERtU1huOE1MczVFUHV5ZjFkWis4dkh2c3VCNFJoSmdaN25HTFhOQnc5ZFVhUGs4OUs1WFgrVmlOemZzZElvZWU4dGNCeVNsSTRTb0NqM3lrbEZseFhncW1jNVNiRTIyUGRlUGM2b09EVGs0fA&cppv=2
Protocol
H2
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
387e2f8e327c810d7322f7e5c6222fb3e665a2c5446338e305286610de7b891b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
515061
expires
0

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.file.io
location
https://mug.criteo.com/sid?cpp=mzHOG3xWV2pvdmNDRkZUNUJIOXNORk5abDROYzRveTBiSkg1aVhOdFNuVWtyRlE5RlJxamVmRDd3eS9pWC9xSmZCc1NJZm94dTFDc3hvNUxvWFBHdktBcmVNSkIzbGhEeWRRK3NpcDBkR3lIaWw3eVlUTXcycThZanBoWCtlMlVvbHFWSDIraXRjYWREbXY3V3JiSWZjZFozNERtU1huOE1MczVFUHV5ZjFkWis4dkh2c3VCNFJoSmdaN25HTFhOQnc5ZFVhUGs4OUs1WFgrVmlOemZzZElvZWU4dGNCeVNsSTRTb0NqM3lrbEZseFhncW1jNVNiRTIyUGRlUGM2b09EVGs0fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
278912
content-length
0
expires
0
prebid
id5-sync.com/api/config/
167 B
444 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f109fb86a2063da780a15199ec713f0446549160684bc05c3ef6829652dd428d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/
108 B
757 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3866028ac748863d614b6132fdbea0dc53c58ef89bfb436c9b1e80a4fdb6709

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 04 Oct 2024 01:58:24 GMT
envelope
api.rlcdn.com/api/identity/
0
0

pbhid
id.hadron.ad.gt/api/v1/
227 B
219 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=288&_it=prebid&t=1&src=id&gdpr=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-encoding
br
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
8bda5fd5fb50aabf-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sync
eb2.3lift.com/ Frame A755
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1072
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:58:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
isync
visitor.omnitagjs.com/visitor/ Frame 4794
0
0
Document
General
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1689
content-type
text/html; charset=UTF-8
date
Wed, 04 Sep 2024 01:58:25 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F292
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.193.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-193-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=66531
content-encoding
gzip
content-length
5633
content-type
text/html
date
Wed, 04 Sep 2024 01:58:25 GMT
expires
Wed, 04 Sep 2024 20:27:16 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
event
p.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://p.ad.gt/api/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.file.io
allow
OPTIONS, POST
cf-cache-status
DYNAMIC
cf-ray
8bda5fd5fb01398d-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:58:25 GMT
server
cloudflare
vary
Origin
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 04 Sep 2024 01:58:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
170169
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame 01D7
0
0
Document
General
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=78c1e252-d468-42bc-b049-e4708031a075&publisherId=OZONEVEN0005&siteId=3500000651&cb=1725415101634&bidder=ozone
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8bda5fd7db33ab96-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:58:25 GMT
expires
0
last-modified
Tue, 03 Sep 2024 10:12:30 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
isyn
sync.a-mo.net/ Frame 6C6F
0
0
Document
General
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CpQCSgt3d3cuZmlsZS5pb1ILYWFzLTUxZTZjYWNaCHBiYTEuMy40agt3d3cuZmlsZS5pb_oBBjguMzguMOgCAYgDvf3etgaoAynqAyQ3OTAwYmRjYy1kNGU2LTRiYWMtOTI1Yi0wMTY5MmZkZGU2MzSiBC5odHRwczovL3d3dy5maWxlLmlvL3o4VmEvZG93bmxvYWQvYmRqckhaZjdycVdOqgQDSVNQsgUDVVNE6gUHZGVza3RvcPoFA2FzaMAGAMgGAdIGIEExMjgxOTdBRjI3RjRBRkI5NEQ2MEY1QUJFODJCQUUwqgcDd2ViygcHZmlsZS5pb-AHAYIIB2ZpbGUuaW-KCAZjaHJvbWWZCAAAAAAACAAA
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
125.253.89.182 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
653
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:58:25 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
3
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0EF2
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
56700
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 04 Sep 2024 01:58:25 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
924837, 206768
X-Served-By
cache-lga21993-LGA, cache-yul1970051-YUL
X-Timer
S1725415106.544440,VS0,VE0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough
  • https://eexsync.com/ztgl358.gif?gdpr=0&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMy...
  • https://ssp.disqus.com/match?bidder=38&buyeruid=8182a99be799a82884b755894bd168cc4c93b699548a7226e063323cbf22e68c&r=Cid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqgAFodHRwczovL21hdGNoLnNoYX...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-6470fd47-4053-32e8-8003-3b36234e61b5&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
  • https://ssp.disqus.com/match?bidder=12&buyeruid=JRd2ALZHibusND0NQjeMEK8z&r=Cid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqgAFodHRwczovL21hdGNoLnNoYXJldGhyb3VnaC5jb20vc3luYy92MT9zb3VyY2VfaW...
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-6470fd47-4053-32e8-8003-3b36234e61b5
68 B
323 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-6470fd47-4053-32e8-8003-3b36234e61b5
Protocol
H2
Server
54.224.103.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-103-108.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-6470fd47-4053-32e8-8003-3b36234e61b5
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
cache-control
no-store
content-length
0
expires
0
usersync.aspx
dis.criteo.com/dis/
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_user_id%3D%40%40CRITEO_USERID%40%40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
199774
expires
Wed, 04 Sep 2024 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=77c79248-d765-4dff-b399-d5cbd1628181&gdpr=0&gdpr_consent=
68 B
324 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=77c79248-d765-4dff-b399-d5cbd1628181&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.224.103.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-103-108.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=77c79248-d765-4dff-b399-d5cbd1628181&gdpr=0&gdpr_consent=
date
Wed, 04 Sep 2024 01:58:25 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212774289754996
68 B
323 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212774289754996
Protocol
H2
Server
54.224.103.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-103-108.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:24 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212774289754996
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
impl_v101.js
www.googletagservices.com/dcm/ Frame 42FE
60 KB
0
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v101.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
sffe /
Resource Hash
4ad68c8b729e22717f327f8d8a5465366772f15b18a479115b0e71a450f790bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24223
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 16:06:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Sep 2025 14:25:19 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fassets.quantcount.com%2F597f253e3b81df455603d216149e6e81b2605344&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415104428&de=35152038867&cu=1725415104428&m=342&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=231&cd=0&ah=231&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=p-UqX1PsUJcNgVs%3Aqfm%3Acf19a1c6-b4ea-46cc-9b0b-790de6353e3c%3Af195585e-4918-4d0d-ba8a-59a573ba987c&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wufM95PlxKWK48Xwlf_Jp5Li0KnFsZ68nufKqMbrmKHC5sqkD10-ag&uid=wufM95PlxKWK48Xwlf_Jp5Li0KnFsZ68nufKqMbrmKHC5sqkD10-ag&hv=DOMSEARCH&ab=2&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1089891242&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:25 GMT
sprite.svg
player.avplayer.com/script/8.3/v/assets/
15 KB
5 KB
XHR
General
Full URL
https://player.avplayer.com/script/8.3/v/assets/sprite.svg
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
2175ad8124e9bcb46467b188eb1e2c04c911b791251e8354ff7d6dc344f4a2ba

Request headers

Accept
image/svg
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:25 GMT
content-encoding
gzip
x-guploader-uploadid
AD-8ljuk9jJmCPd1rdmCoWja1tIyjbWgfIkPtULq4IU4zUvGqgYXSmnHT38_smIYNqw7qX-sYlY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
4953
last-modified
Mon, 02 Sep 2024 08:25:36 GMT
server
UploadServer
etag
"5b45e194ec2e0fb66829669cc5e45c36"
vary
Accept-Encoding
x-goog-generation
1725265536004803
content-type
image/svg+xml; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=LGDiXQ==, md5=W0XhlOwuD7ZoKWacxeRcNg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, no-transform, max-age=300
x-goog-stored-content-length
4953
accept-ranges
bytes
expires
Wed, 04 Sep 2024 02:03:25 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 4BB2
501 KB
146 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e44 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
33e9f0adac6b44db948aeadd9836d361bdecc88f5733ddc1f33963e354ea03d4

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:26 GMT
Content-Encoding
gzip
X-GUploader-UploadID
AD-8ljskXxBWmCmmML8ohBYep8aw4qCJ8j30l9uvVbUUWb04AsI18GRnEonf776NyDvNDmka110
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
148334
Last-Modified
Mon, 02 Sep 2024 08:13:16 GMT
Server
UploadServer
ETag
"4716781a5e11b53d9ce9291e94555857"
Vary
Accept-Encoding
x-goog-generation
1725264796766641
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=f9VBSQ==, md5=RxZ4Gl4RtT2c6SkelFVYVw==
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, no-transform, max-age=900
x-goog-stored-content-length
148334
Accept-Ranges
bytes
Expires
Wed, 04 Sep 2024 02:13:26 GMT
VenatusLogoVideoPlayer.png
play.aniview.com/5f2063121d82c82557194737/649e849ff783dea147003ee4/
22 KB
23 KB
Image
General
Full URL
https://play.aniview.com/5f2063121d82c82557194737/649e849ff783dea147003ee4/VenatusLogoVideoPlayer.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:e800:c8e::2c79 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0e6793d503dab31054f9bd9fae79408db374713aa1b8524b678feb477e292b1e

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:26 GMT
X-GUploader-UploadID
ABPtcPpYs7jEWAd28h-mw73KEX9bdZ4lQ-a-PI48SsNrBecOY_QqW5whsd-pMleFGmUb-S_BFUN9cUAoK5khMTKOnhCaplcXa1mH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
22280
Last-Modified
Fri, 30 Jun 2023 07:30:46 GMT
Server
UploadServer
ETag
"828ea356e578f2461851df4c764afce2"
Vary
Origin
x-goog-generation
1688110246115598
x-goog-hash
crc32c=S2ZCWg==, md5=go6jVuV48kYYUd9Mdkr84g==
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=1800
Access-Control-Allow-Credentials
false
x-goog-stored-content-length
22280
Accept-Ranges
bytes
Expires
Wed, 04 Sep 2024 02:28:26 GMT
b8b37a28-1f81-4a53-933e-3f6d943b41b4.webp
content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/
22 KB
22 KB
Image
General
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/b8b37a28-1f81-4a53-933e-3f6d943b41b4.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1ed4b05ef16d0f397ce3004af611093fc12b26c09674e0bf5477ae5bb3ddd923

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
x-guploader-uploadid
AD-8ljsH56NqlgJW5diT-x9-gEBxYE9DaNrNZAUtXaRAgBE99BFEFqOlQajiiQhfdceDLW1iRLo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
22234
last-modified
Mon, 02 Sep 2024 02:56:47 GMT
server
UploadServer
etag
"29c090a8b7132fc1ef19f88c03815f3c"
x-goog-hash
crc32c=ATqExw==, md5=KcCQqLcTL8HvGfiMA4FfPA==
x-goog-generation
1725245807802016
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
22234
accept-ranges
bytes
expires
Fri, 04 Oct 2024 01:58:26 GMT
B31830695.399616786;dc_ver=101.296;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=2669637487;ord=892kz1;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-FzmKaBBs3r0sm%26labels%3D_qc.cl...
ad.doubleclick.net/ddm/adi/N7372.245881CADREON/ Frame 493A
0
0
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N7372.245881CADREON/B31830695.399616786;dc_ver=101.296;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=2669637487;ord=892kz1;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-FzmKaBBs3r0sm%26labels%3D_qc.clk%2C_click.adserver.rtb%2C_click.rand.1913226156%26rtbip%3D192.184.73.138%26rtbdata2%3DEBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB4uWkoAy6ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAd2mhNabMtoBJDNhNTE2NjQ1LTkxY2YtNGE4ZS05NzkwLTJhMDgyYzgzYjI2ZbACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwjD7SgQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJyknltL5eRC8RExCbzYSU-pHIA5qAwBPYA6yHppAH4gMPcC1Gem1LYUJCczNyMHNt6gMGCKwCEPoB8gMJaDNoJTIwMGEx-AMAgASGDYoEBDExNzKaBBIJ5EimVZSqcW4R6gwc-NjCRoSiBBIJ60MSjTroZ_cRR_Nb4YudFaKqBBIJ60MSjTroZ_cRR_Nb4YudFaK4BKgB0AQg8gQCQ0GABQGKBSoyMDBmYTFkZDU2OTM2NjZiNWZhZmNkM2Y5ZjIzYzFkZTMxZDQxZjM2MWOQBQGaBRUgD6HdVpNma1-vzT-fI8HeMdQfNhyiBSRKUHk5X3czLXA2b003WnpCR2RDYXJpelcySzBsOHcyeVRxST24BQDABdT42e8IyAXkzagE0gUGCAIQAxgT4AUB6AUHmgYUChIJ5EimVZSqcW4R6gwc-NjCRoSgBgCoBo7C-xK1Bi8PBzi6Bj4KAkNBEgJRQxiuzAciCG1vbnRyZWFsKgloM2glMjAwYTE6G2FjZSUyMGRhdGElMjBjZW50ZXJzJTIwaW5jLskGN5A0Xavb6gXQBg7YBh7iBh9fZnAuZXZlbnQuUHVyY2hhc2UgQ29uZmlybWF0aW9u6gYQaHR0cHM6Ly92b2lsYS5jYfEGATg0Xavb6gU%26redirecturl3%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN$0;xdt=0;crlt=M06yUEtDgK;cmpl=8;gcsr=m;stc=1;chaa=1;sttr=1122;prcl=s
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
32083
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 01:58:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&ctr=0&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=2f445ebe-b4e5-49ca-91fa-9484cd9b1013&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Aug 1978 12:00:00 GMT
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
content-type
image/gif
AGSKWxXBlvHQnIHdqWd8ovZOf3Avo48n5brYoQ8MatuafDmOkCrsGoNAYHKXoSR_GjN-dx3PJnRhkKttfuLyGrPgzxSwKOwNDoR983iSlsnuhmteDPnHDNLgfAWEJ2Tt5jhDDyKQqtnGpg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXBlvHQnIHdqWd8ovZOf3Avo48n5brYoQ8MatuafDmOkCrsGoNAYHKXoSR_GjN-dx3PJnRhkKttfuLyGrPgzxSwKOwNDoR983iSlsnuhmteDPnHDNLgfAWEJ2Tt5jhDDyKQqtnGpg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1NDE1MTA2LDEyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZmlsZS5pby96OFZhL2Rvd25sb2FkL2JkanJIWmY3cnFXTiIsbnVsbCxbWzgsImZwRkJTaEp6QkZJIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b21a45e681015a954968aba5df405351199c3f13ace96c36a8790ff35d9e729
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TUWW67c4ow7i6BZAuh73Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-TUWW67c4ow7i6BZAuh73Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYFYtecSqykQ3193ifU5EO_9eIn1KBALcXMc-ntvG5vAie6lgUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBpYGRnoGpvEFBgDLKUGI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/
267 KB
0
Media
General
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=66d0595efb0d27de3c066222&videoId=66d524968a0be7184d0984e3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
x-guploader-uploadid
AD-8ljtup60NFVnR7yG6OpgxTDlnkRwuqRXoSupI4U2bM8M241JKOUbPojfmEOL6wwrpI06s004
x-goog-storage-class
STANDARD
Content-Range
bytes 0-7395122/7395123
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
7395123
last-modified
Mon, 02 Sep 2024 02:57:07 GMT
server
UploadServer
etag
"684b65c2faa7cdd15742b11e4a413c94"
x-goog-hash
crc32c=Qb/5RA==, md5=aEtlwvqnzdFXQrEeSkE8lA==
x-goog-generation
1725245827551805
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
7395123
accept-ranges
bytes
expires
Fri, 04 Oct 2024 01:58:26 GMT
action
www14.smartadserver.com/track/ Frame DD95
43 B
141 B
Image
General
Full URL
https://www14.smartadserver.com/track/action?sid=1725415103148&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=viewcount&rtb=1&rtbbid=3191600988495665838&rtbet=0&rtblt=638610119020821005&rtbnid=3490&rtbh=7c15d2d65d0d784969d1d34c6fe279050796c7c3&ts=1725415103148
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

api-supported-versions
1.0
date
Wed, 04 Sep 2024 01:58:26 GMT
content-type
image/gif
action
www14.smartadserver.com/track/ Frame 9BC8
43 B
141 B
Image
General
Full URL
https://www14.smartadserver.com/track/action?sid=1725415102184&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=impressionsonepx&rtb=1&rtbbid=7722781496954960692&rtbet=0&rtblt=638610119012621249&rtbnid=3490&rtbh=7391fcc3c2607b1452c8da3c7894e8fdf3ac4155&ts=1725415102184
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

api-supported-versions
1.0
date
Wed, 04 Sep 2024 01:58:26 GMT
content-type
image/gif
action
www14.smartadserver.com/track/ Frame 9BC8
43 B
141 B
Image
General
Full URL
https://www14.smartadserver.com/track/action?sid=1725415102184&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=viewcount&rtb=1&rtbbid=7722781496954960692&rtbet=0&rtblt=638610119012621249&rtbnid=3490&rtbh=7391fcc3c2607b1452c8da3c7894e8fdf3ac4155&ts=1725415102184
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

api-supported-versions
1.0
date
Wed, 04 Sep 2024 01:58:25 GMT
content-type
image/gif
action
www14.smartadserver.com/track/ Frame DD95
43 B
141 B
Image
General
Full URL
https://www14.smartadserver.com/track/action?sid=1725415103148&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=impressionsonepx&rtb=1&rtbbid=3191600988495665838&rtbet=0&rtblt=638610119020821005&rtbnid=3490&rtbh=7c15d2d65d0d784969d1d34c6fe279050796c7c3&ts=1725415103148
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.65 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

api-supported-versions
1.0
date
Wed, 04 Sep 2024 01:58:26 GMT
content-type
image/gif
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=QUANTCAST3&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1725415106022&de=90332215738&m=0&ar=77fe5126-clean&iw=f31153f&q=5&cb=0&ym=0&cu=1725415106022&ll=1&lm=0&ln=1&r=0&em=0&en=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3A2f445ebe-b4e5-49ca-91fa-9484cd9b1013&cadf=-&zMoatuid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&bo=file.io&bd=-&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=quantcastv2691176990399&fd=1&it=500&ti=0&ih=2&pe=1%3A2483%3A2483%3A2920%3A1048&jm=-1&fs=45&na=1095639563&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:26 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=mzHOG3xWV2pvdmNDRkZUNUJIOXNORk5abDROYzRveTBiSkg1aVhOdFNuVWtyRlE5RlJxamVmRDd3eS9pWC9xSmZCc1NJZm94dTFDc3hvNUxvWFBHdktBcmVNSkIzbGhEeWRRK3NpcDBkR3lIaWw3eVlUTXcycThZanBoWCtlMlVvbHFWSDIraXRjYWREbXY3V3JiSWZjZFozNERtU1huOE1MczVFUHV5ZjFkWis4dkh2c3VCNFJoSmdaN25HTFhOQnc5ZFVhUGs4OUs1WFgrVmlOemZzZElvZWU4dGNCeVNsSTRTb0NqM3lrbEZseFhncW1jNVNiRTIyUGRlUGM2b09EVGs0fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 04 Sep 2024 01:58:26 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
176439
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
B31830695.400049205;dc_ver=101.296;sz=160x600;u_sd=1;gdpr=0;nel=1;dc_adk=4262858381;ord=2phggw;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-FzmKaBBs3r0sm%26labels%3D_qc.clk%2C_click.adser...
ad.doubleclick.net/ddm/adi/N7372.245881CADREON/ Frame 25A6
0
0
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N7372.245881CADREON/B31830695.400049205;dc_ver=101.296;sz=160x600;u_sd=1;gdpr=0;nel=1;dc_adk=4262858381;ord=2phggw;click=https%3A%2F%2Fexch.quantserve.com%2Fr%3F%26a%3Dp-FzmKaBBs3r0sm%26labels%3D_qc.clk%2C_click.adserver.rtb%2C_click.rand.257784727%26rtbip%3D192.184.73.166%26rtbdata2%3DEBc6E2h0dHBzOi8vd3d3LmZpbGUuaW9aJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPYAB0oiD7Q66ARM4NDUyMjM4MzE5MDc3MDI5NDc0wAGA8QTIAZmthNabMtoBJGJjMDA2OGI1LTlmOGEtNDczNS1iOGZjLWNlYmZlYTAyYzJmMrACDsgCANACzuGG-_if98ypAegCIPICDwjAhD0QhYrRh6O16oOLAfICDwiT4TQQhf-xsOH45oqOAfICDAggENih8fzyw9jyT_gCAIoDBDM0OTCSAwhzbWFydF9hZJgDAKgDALIDBKYAzUa6AxIJ60MSjTroZ_cRR_Nb4YudFaLCAxIJQk_ApPT2x-4RDym4zLfaqoHIA5qAwBPYA5f39XriAw9wLUZ6bUthQkJzM3Iwc23qAwYIoAEQ2ATyAwloM2glMjAwYTH4AwCABIYNigQEMTE3MpoEEgnkSKZVlKpxbhHqDBz42MJGhKIEEgnrQxKNOuhn9xFH81vhi50VoqoEEgnrQxKNOuhn9xFH81vhi50VorgEqAHQBCDyBAJDQYAFAYoFKjIwMGZhMWRkNTY5MzY2NmI1ZmFmY2QzZjlmMjNjMWRlMzFkNDFmMzYxY5AFAZoFFSAPod1Wk2ZrX6_NP58jwd4x1B82HKIFJEpQeTlfdzMtcDZvTTdaekJHZENhcml6VzJLMGw4dzJ5VHFJPbgFAMAFl_f1esgF5M2oBNIFBggCEAQYI-gFB5oGFAoSCeRIplWUqnFuEeoMHPjYwkaEoAYAqAbKyPsStQboDwc4ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBkIQN5mu2-oF0AYO2AYe4gYfX2ZwLmV2ZW50LlB1cmNoYXNlIENvbmZpcm1hdGlvbuoGEGh0dHBzOi8vdm9pbGEuY2HxBgOANpmu2-oF%26redirecturl3%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN$0;xdt=0;crlt=M06yUEtDgK;cmpl=8;gcsr=m;stc=1;chaa=1;sttr=1196;prcl=s
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
32027
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 01:58:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&ctr=0&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=eec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Aug 1978 12:00:00 GMT
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
content-type
image/gif
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.file.io%2F%2Fz8Va%2Fdownload%2F-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106022&de=90332215738&cu=1725415106022&m=46&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=0&ag=10&an=0&gf=10&gg=0&ix=10&ic=10&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=10&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=19&cd=0&ah=19&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3A2f445ebe-b4e5-49ca-91fa-9484cd9b1013&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&hv=DOMSEARCH&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1652435352&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:26 GMT
v1
lb.eu-1-id5-sync.com/lb/
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
ca7b08492df49d4e36d3b00041504eb3dec6e42bde17ce870a7e925f6ea18a48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/
54 KB
54 KB
Media
General
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=66d0595efb0d27de3c066222&videoId=66d524968a0be7184d0984e3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
a4972ce9b3652c7819e16e56f0b167a86ccb6b64a99b415083c88b367eb83a3f

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=7340032-

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
x-guploader-uploadid
AD-8ljtup60NFVnR7yG6OpgxTDlnkRwuqRXoSupI4U2bM8M241JKOUbPojfmEOL6wwrpI06s004
x-goog-storage-class
STANDARD
Content-Range
bytes 7340032-7395122/7395123
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
55091
last-modified
Mon, 02 Sep 2024 02:57:07 GMT
server
UploadServer
etag
"684b65c2faa7cdd15742b11e4a413c94"
x-goog-generation
1725245827551805
x-goog-hash
crc32c=Qb/5RA==, md5=aEtlwvqnzdFXQrEeSkE8lA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
7395123
accept-ranges
bytes
content-type
video/mp4
expires
Fri, 04 Oct 2024 01:58:26 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=QUANTCAST3&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1725415106219&de=182923338367&m=0&ar=77fe5126-clean&iw=f31153f&q=8&cb=0&ym=0&cu=1725415106219&ll=1&lm=0&ln=1&r=0&em=0&en=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3Aeec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&cadf=-&zMoatuid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&bo=file.io&bd=-&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=quantcastv2691176990399&fd=1&it=500&ti=0&ih=2&pe=1%3A2483%3A2483%3A2920%3A1048&jm=-1&fs=45&na=708708179&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:26 GMT
AGSKWxU3YGsXhmPPsAi-_4U2D2hzLSGBszND1lH0gO3c0cZrsySCIsczt7lrl3Ceb2zXn4XFzQweYwem1d_qpT3Wx-1_0zeiYoQCptPVj0JKYC70tvX9penfsZp8K_E9XsfvtREaIpVxhQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU3YGsXhmPPsAi-_4U2D2hzLSGBszND1lH0gO3c0cZrsySCIsczt7lrl3Ceb2zXn4XFzQweYwem1d_qpT3Wx-1_0zeiYoQCptPVj0JKYC70tvX9penfsZp8K_E9XsfvtREaIpVxhQ==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wWTdWweWcXW-hXBAmYA0zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wWTdWweWcXW-hXBAmYA0zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDgO_b23jU3gxL8NzUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBIz8A8vsAAAJCdLsk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.file.io%2F%2Fz8Va%2Fdownload%2F-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106219&de=182923338367&cu=1725415106219&m=36&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=0&ag=8&an=0&gf=8&gg=0&ix=8&ic=8&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=8&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15&cd=0&ah=15&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3Aeec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&hv=DOMSEARCH&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=713066516&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:26 GMT
258.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
61f79df94a2da38632fa6e3d13fa3c900e3a7ca9ae3faf44031ed31c4e330aee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.file.io
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
go1.aniview.com/api/adserver/tag/
30 KB
7 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=2d4fc4a3-967a-417b-b5af-faade7444fdb&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track4.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&AV_GPID=/5f2063121d82c82557194737/6374f8665f2f007d23421195/www.file.io&d36=6.2.235&responsive=1&sver=5&avtoken=106857&omv=1.0.1&AV_D65=GoogleSignals&AV_D66=8.5.14&clsid=30e48824-66f1-47dd-b1eb-750ec4c78190&rando=78&scnt=1&AV_WIDTH=440&AV_HEIGHT=247&AV_CCPA=1---&AV_DNT=0&cb=1725415106867&wfc=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
716388ec3bf4fe9a906ba141ce8aa316571ce08f2a1c8258d0384e2e9400b177

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:27 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
alt-svc
h3=":443";ma=60;
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.file.io
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Fri, 23 Aug 2024 12:11:47 GMT
track
track4.aniview.com/
0
168 B
Image
General
Full URL
https://track4.aniview.com/track?r=www.file.io&sn=&ic=0&tgt=0&app=&wi=440&he=247&test=&d36=6.2.235&apppkg=&fv=1&proto=https&d65=GoogleSignals&d66=8.5.14&clsid=30e48824-66f1-47dd-b1eb-750ec4c78190&rando=78&scnt=1&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&pt=2&d66=8.5.14&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=66d524968a0be7184d0984e3&cpid=66d0595efb0d27de3c066222&str=viewable&cmssynd=%5B%5D&e=inventory&vi=100&plt=2&cb=1725415106865
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106022&de=90332215738&cu=1725415106022&m=1125&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1094&an=10&gi=1&gf=1094&gg=10&ix=1094&ic=1094&ez=1&ck=1094&kw=900&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1094&bx=10&ci=1094&jz=900&dj=1&aa=0&ad=975&cn=0&gk=975&gl=0&ik=975&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=900&cd=19&ah=900&am=19&xd=00&rf=0&re=1&ft=975&fv=0&fw=975&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3A2f445ebe-b4e5-49ca-91fa-9484cd9b1013&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1985855578&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:27 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&ctr=1&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=2f445ebe-b4e5-49ca-91fa-9484cd9b1013&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&event=fullonscreen1secvisible&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=2f445ebe-b4e5-49ca-91fa-9484cd9b1013&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
page-data.json
www.file.io/page-data/login/
0
628 B
Other
General
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Origin
https://www.file.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:06:38 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
5K5N5H8AS5FJ9J1A
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
13910
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
7Kz/XcZzAN/ZO1fvJT8f3KfR3ZKez/ttmKoiiU5+FEAFddz5IORr1kEPte6MAOy8iW6woNgOth4=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
-FnIkkv0Z1LkLYiqJduwEtIWhuNfBQAO8fHpc_4lQcu3r335i9WzOA==
page-data.json
www.file.io/page-data/index/
0
674 B
Other
General
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
Origin
https://www.file.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:41:22 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
N507D34H6QYYN3F1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
40626
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
wvYDgnj8tTIozD40bP2GeuCFZekT260z7YfWrvGxpk1kqf6ef5tWIjboWyPVhcaitOeM3RepB0215lwrVssvAA==
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
_OqMmDM5Fhay7Gp8rmpvO1dAq86y69rsq3vyD7QmLeVZSGMc-GPasw==
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106022&de=90332215738&cu=1725415106022&m=1127&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1094&an=1094&gi=1&gf=1094&gg=1094&ix=1094&ic=1094&ez=1&ck=1094&kw=900&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1094&bx=1094&ci=1094&jz=900&dj=1&aa=0&ad=975&cn=975&gk=975&gl=975&ik=975&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=900&cd=900&ah=900&am=900&xd=00&rf=0&re=1&ft=975&fv=975&fw=975&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3A2f445ebe-b4e5-49ca-91fa-9484cd9b1013&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1173341702&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:27 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&ctr=1&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=eec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&event=fullonscreen1secvisible&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=eec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106022&de=90332215738&cu=1725415106022&m=1128&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1094&an=1094&gi=1&gf=1094&gg=1094&ix=1094&ic=1094&ez=1&ck=1094&kw=900&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1094&bx=1094&ci=1094&jz=900&dj=1&aa=0&ad=975&cn=975&gk=975&gl=975&ik=975&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=900&cd=900&ah=900&am=900&xd=00&rf=0&re=1&ft=975&fv=975&fw=975&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3A2f445ebe-b4e5-49ca-91fa-9484cd9b1013&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1716946182&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:27 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106219&de=182923338367&cu=1725415106219&m=1115&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1090&an=8&gi=1&gf=1090&gg=8&ix=1090&ic=1090&ez=1&ck=1090&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1090&bx=8&ci=1090&jz=882&dj=1&aa=0&ad=990&cn=0&gk=990&gl=0&ik=990&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=882&cd=15&ah=882&am=15&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3Aeec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=727890700&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:27 GMT
page-data.json
www.file.io/page-data/login/
135 B
0
XHR
General
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 22:06:38 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
5K5N5H8AS5FJ9J1A
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
13910
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
7Kz/XcZzAN/ZO1fvJT8f3KfR3ZKez/ttmKoiiU5+FEAFddz5IORr1kEPte6MAOy8iW6woNgOth4=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
-FnIkkv0Z1LkLYiqJduwEtIWhuNfBQAO8fHpc_4lQcu3r335i9WzOA==
sync
ssbsync.smartadserver.com/api/ Frame 397D
0
0
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.85 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length
890
content-type
text/html
date
Wed, 04 Sep 2024 01:58:26 GMT
cookiesyncendpoint
sync.aniview.com/ Frame EB42
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=0&_fw_gdpr_consent=&gpp=&gpp_sid=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=e42ffa6c5ccb4f87abffd2e3f2af7412&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
0
0
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=e42ffa6c5ccb4f87abffd2e3f2af7412&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Sep 2024 01:58:27 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=e42ffa6c5ccb4f87abffd2e3f2af7412&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1725415107567089-1196
auto-user-sync
ads.stickyadstv.com/ Frame 6972
0
0
Document
General
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.210 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Date
Wed, 04 Sep 2024 01:58:27 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1725415107592067-102
cookiesyncendpoint
sync.aniview.com/ Frame 4967
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D18%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=18&key=JRd2ALZHibusND0NQjeMEK8z
0
0
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=18&key=JRd2ALZHibusND0NQjeMEK8z
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=18&key=JRd2ALZHibusND0NQjeMEK8z
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05F8
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D1%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.193.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-193-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=66529
content-encoding
gzip
content-length
5633
content-type
text/html
date
Wed, 04 Sep 2024 01:58:27 GMT
expires
Wed, 04 Sep 2024 20:27:16 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7376
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-170-143.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Wed, 04 Sep 2024 01:58:27 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
sync
ups.analytics.yahoo.com/ups/58815/ Frame 9423
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
0
date
Wed, 04 Sep 2024 01:58:27 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.134
strict-transport-security
max-age=31536000
0
prebid.a-mo.net/cchain/ Frame 2790
0
0
Document
General
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
672
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:58:26 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
0
prebid.a-mo.net/cchain/ Frame 7637
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D52%26key%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqjwFodHRwczovL3N5...
0
0
Document
General
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqjwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9NjcyMzExYWYtY2I5ZC00YmE4LWE2ZDUtMmIzY2ZiODZkMmM4JmJpZGRlcm5hbWU9NTIma2V5PXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICBhs4AQ==%26buyeruid%3D
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
672
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:58:27 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT
expires
0
location
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02NDcwZmQ0Ny00MDUzLTMyZTgtODAwMy0zYjM2MjM0ZTYxYjUqjwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9NjcyMzExYWYtY2I5ZC00YmE4LWE2ZDUtMmIzY2ZiODZkMmM4JmJpZGRlcm5hbWU9NTIma2V5PXVhLTY0NzBmZDQ3LTQwNTMtMzJlOC04MDAzLTNiMzYyMzRlNjFiNTICBhs4AQ==%26buyeruid%3D
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame 68D4
Redirect Chain
  • https://cs.krushmedia.com/c517e991b368016fcb5125d653c3e1e6.gif?puid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=62&key=de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
0
0
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=62&key=de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Sep 2024 01:58:27 GMT
Expires
0
Location
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=62&key=de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
Pragma
no-cache
Server
nginx
cookiesyncendpoint
sync.aniview.com/ Frame 585B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=136&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D215%26auid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c...
  • https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&gdpr=0&gdpr_consent=&ccpa=1---&key=bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
0
0
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&gdpr=0&gdpr_consent=&ccpa=1---&key=bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0,no-cache,no-store
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&gdpr=0&gdpr_consent=&ccpa=1---&key=bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame 1374
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26bidde...
  • https://u.openx.net/w/1.0/cm?cc=1&id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26...
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=23&key=41755e72-01b9-4904-93c2-c49f72d86307
0
0
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=23&key=41755e72-01b9-4904-93c2-c49f72d86307
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Wed, 04 Sep 2024 01:58:28 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Wed, 04 Sep 2024 01:58:27 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=23&key=41755e72-01b9-4904-93c2-c49f72d86307
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame B5A6
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1353
content-type
text/html
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame 0AA3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=55&key=3886628682223636672
0
0
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=55&key=3886628682223636672
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
30b21053-2f7a-49d1-a88e-d89904c2503c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:58:27 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=55&key=3886628682223636672
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
166.0.205.70; 166.0.205.70; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
cookiesyncendpoint
sync.aniview.com/ Frame DFDD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=200&key=OPTOUT
0
0
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=200&key=OPTOUT
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=60;
content-length
0
date
Wed, 04 Sep 2024 01:58:27 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 04 Sep 2024 01:58:31 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=200&key=OPTOUT
pragma
no-cache
sync
x.bidswitch.net/
43 B
183 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid&user_id=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:27 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
cookiesyncendpoint
sync.aniview.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7...
  • https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=24&pid=59c9148628a0612da3689288&key=
0
249 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=24&pid=59c9148628a0612da3689288&key=
Protocol
H2
Server
172.240.45.78 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:28 GMT
alt-svc
h3=":443";ma=60;
content-length
0

Redirect headers

location
https://sync.aniview.com/cookiesyncendpoint?auid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&biddername=24&pid=59c9148628a0612da3689288&key=
date
Wed, 04 Sep 2024 01:58:27 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
track
track4.aniview.com/
0
168 B
Image
General
Full URL
https://track4.aniview.com/track?d=Chrome&cou=CA&cos=Linux&r=www.file.io&rs=www.file.io&sid=8694&t=1725415107&cip=166.0.205.70&sn=&tgt=0&osv=&bv=128.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=00681b13e6e024b45a30e7ada44cda0b&d63=00681b13e6e024b45a30e7ada44cda0b&aafaid=&proto=https&uid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.235&cb=35383885447&d39=&d65=GoogleSignals&d66=8.5.14&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd18=45.50750&cd19=166.0.205.70&cd20=6373750d98fb531abee85ae5&cd17=-73.58870&d9=0000&d22=5f2063121d82c82557194737&d24=6374ee512c8ca8606841c0a8&d37=realtime&d65=_GlobalConfig&pt=2&d66=8.5.14&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=66d524968a0be7184d0984e3&cpid=66d0595efb0d27de3c066222&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1725415107616&plt=2&asid=5ff87336239c6c7fd600e1b5%2C66213ddbdc48756e930b8fd5%2C5ff48b20d0a41e5853490d69%2C633be2470cbd4b48090dc596&ofpr=0.88%2C0.88%2C0.88%2C&fpo=%2C%2C%2C&ri=1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:27 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
track
track4.aniview.com/
0
168 B
Image
General
Full URL
https://track4.aniview.com/track?d=Chrome&cou=CA&cos=Linux&r=www.file.io&rs=www.file.io&sid=8694&t=1725415107&cip=166.0.205.70&sn=&tgt=0&osv=&bv=128.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=00681b13e6e024b45a30e7ada44cda0b&d63=00681b13e6e024b45a30e7ada44cda0b&aafaid=&proto=https&uid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.235&cb=35383885447&d39=&d65=GoogleSignals&d66=8.5.14&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd18=45.50750&cd19=166.0.205.70&cd20=6373750d98fb531abee85ae5&cd17=-73.58870&d9=0000&d22=5f2063121d82c82557194737&d24=6374ee512c8ca8606841c0a8&d37=realtime&d65=_GlobalConfig&pt=2&d66=8.5.14&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=66d524968a0be7184d0984e3&cpid=66d0595efb0d27de3c066222&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1725415107616&plt=2&asid=61fb88e45aa84d2e9700fb35%2C663cb0e35b310c4804053be5&ofpr=1%2C1.8&fpo=%2C&ri=1%2C1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 01:58:27 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
component---src-pages-login-js-93413dd2e63f89832306.js
www.file.io/
0
6 KB
Other
General
Full URL
https://www.file.io/component---src-pages-login-js-93413dd2e63f89832306.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Apr 2024 17:28:04 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
QD7X9SH7K41B0K6B
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
11089824
x-cache
Hit from cloudfront
x-amz-id-2
HnhZO6vl1f+mjXoyGordLJgzOMnsKOqXjrSKe36ujrWLT/+ubOJDCInZopLSzlxYtEW1mjEND2o=
last-modified
Tue, 21 Nov 2023 16:38:08 GMT
server
AmazonS3
etag
W/"0d7acf561dc45f8157c63d8060b79093"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
YSrPsbvvqYC9dZV7I1UYxlRi0DUVXyVQ_j8mE7aHKWuRIkIjGDoQBg==
avpb8.48.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 4BB2
354 KB
109 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e44 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
46e410c7a3ad6a66fd08c9dcf26c9078783463ed4214e3dc53b8b7278b676bf1

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:28 GMT
Content-Encoding
gzip
X-GUploader-UploadID
AD-8ljuSRb8DqW64q2mBDCg2MGpV0hCySIqjbePoxFtgphKiI3TLpVIJycaAoa-iDVCSWeDekA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
111145
Last-Modified
Mon, 02 Sep 2024 08:13:17 GMT
Server
UploadServer
ETag
"e15b7bfa6b48ac138266c957419cecbd"
Vary
Accept-Encoding
x-goog-generation
1725264797116328
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=KsqAGA==, md5=4Vt7+mtIrBOCZslXQZzsvQ==
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, no-transform, max-age=900
x-goog-stored-content-length
111145
Accept-Ranges
bytes
Expires
Wed, 04 Sep 2024 02:13:28 GMT
avpb8.48.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 4BB2
72 KB
25 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a0.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e44 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f80bd049512b884446db797cc3c8193aa1eb91a1f1aaf59829a5c0a8a12eb1a1

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 01:58:28 GMT
Content-Encoding
gzip
X-GUploader-UploadID
AD-8ljtZVrsAhDKQJq3umPIJXTu2REnjXhY9tL9yzjEx2fLqDy9gI1q0i8He50eZNmEZRzlM13YmFdc71A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
24274
Last-Modified
Mon, 02 Sep 2024 08:13:17 GMT
Server
UploadServer
ETag
"b17852af768806c8efef382ec149a8c2"
Vary
Accept-Encoding
x-goog-generation
1725264796981079
x-goog-hash
crc32c=HKA0WQ==, md5=sXhSr3aIBsjv7zguwUmowg==
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, no-transform, max-age=900
x-goog-stored-content-length
24274
Accept-Ranges
bytes
Expires
Wed, 04 Sep 2024 02:13:28 GMT
avpb8.48.0a5.js
player.aniview.com/script/6.1/libs/prebid/ Frame 4BB2
80 KB
24 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a5.js
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e44 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9aba6d6c4b562ad3a264f872dfb088c8bf79e0b7ebca08f5f57723730da549bd

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

quic-version
0x00000001
date
Wed, 04 Sep 2024 01:58:28 GMT
content-encoding
gzip
x-guploader-uploadid
AD-8ljv3LxZrAll2qZGB6uckMY--KLrYOmnYShkG6SNyHzCrZArsCc3-t_22ZfDFBjCp3Obhgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
24433
last-modified
Mon, 02 Sep 2024 08:13:17 GMT
server
UploadServer
etag
"cdb51eb62df4dcff7ae6f58d2870f216"
vary
Accept-Encoding
x-goog-generation
1725264797060901
x-goog-hash
crc32c=W4Ka2A==, md5=zbUeti303P965vWNKHDyFg==
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
24433
accept-ranges
bytes
expires
Wed, 04 Sep 2024 02:13:28 GMT
s2s
s2s.aniview.com/api/adserver/ Frame 4BB2
0
793 B
Fetch
General
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=00681b13e6e024b45a30e7ada44cda0b&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=2d4fc4a3-967a-417b-b5af-faade7444fdb&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track4.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&AV_GPID=/5f2063121d82c82557194737/6374f8665f2f007d23421195/www.file.io&d36=6.2.235&responsive=1&sver=5&avtoken=106857&omv=1.0.1&AV_D65=GoogleSignals&AV_D66=8.5.14&clsid=30e48824-66f1-47dd-b1eb-750ec4c78190&rando=78&scnt=1&AV_WIDTH=440&AV_HEIGHT=247&AV_CCPA=1---&AV_DNT=0&cb=5415107584&wfc=1&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=0&AV_PLCMT=2&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=&AV_IRISIDCTX=&ms2s=1
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.70 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:28 GMT
x-bamboo-c-skst
1
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.file.io
cache-control
no-cache
access-control-allow-credentials
true
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
alt-svc
h3=":443";ma=60;
expires
Fri, 23 Aug 2024 12:11:48 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 4BB2
28 B
305 B
Fetch
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583018&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.151.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-151-115.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-http2-stream-id
18389
pragma
no-cache
date
Wed, 04 Sep 2024 01:58:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106219&de=182923338367&cu=1725415106219&m=1117&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1090&an=1090&gi=1&gf=1090&gg=1090&ix=1090&ic=1090&ez=1&ck=1090&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1090&bx=1090&ci=1090&jz=882&dj=1&aa=0&ad=990&cn=990&gk=990&gl=990&ik=990&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=882&cd=882&ah=882&am=882&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3Aeec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1547754332&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:27 GMT
page-data.json
www.file.io/page-data/index/
154 B
0
XHR
General
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 14:41:22 GMT
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
N507D34H6QYYN3F1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
40626
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
wvYDgnj8tTIozD40bP2GeuCFZekT260z7YfWrvGxpk1kqf6ef5tWIjboWyPVhcaitOeM3RepB0215lwrVssvAA==
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
_OqMmDM5Fhay7Gp8rmpvO1dAq86y69rsq3vyD7QmLeVZSGMc-GPasw==
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106219&de=182923338367&cu=1725415106219&m=1125&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1090&an=1090&gi=1&gf=1090&gg=1090&ix=1090&ic=1090&ez=1&ck=1090&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1090&bx=1090&ci=1090&jz=882&dj=1&aa=0&ad=990&cn=990&gk=990&gl=990&ik=990&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=882&cd=882&ah=882&am=882&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3Aeec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1829514526&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:27 GMT
component---src-pages-index-js-7c9738f2f01d69461917.js
www.file.io/
0
17 KB
Other
General
Full URL
https://www.file.io/component---src-pages-index-js-7c9738f2f01d69461917.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-14.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/z8Va/download/bdjrHZf7rqWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 08:29:54 GMT
content-encoding
br
via
1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
x-amz-request-id
J157AY6WQ1MEDF4T
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
20453315
x-cache
Hit from cloudfront
x-amz-id-2
EKJ9ic6zu892iOxOY8JSdoztzpE2HNb6l+JPD4DZLb09O85VnFIbyrHLuCJjNvhNzAQBsVc23ag=
last-modified
Tue, 21 Nov 2023 16:38:08 GMT
server
AmazonS3
etag
W/"deb0e4da83ab96b61be0acee8e705b59"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
aPqX5RgpwvGzVNh77iGBM5S-ptPfZSbByHLSOnTORzG94eB5kzLLsg==
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106022&de=90332215738&cu=1725415106022&m=1348&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1316&an=1094&gi=1&gf=1316&gg=1094&ix=1316&ic=1316&ez=1&ck=1094&kw=900&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1316&bx=1094&ci=1094&jz=900&dj=1&aa=1&ad=1197&cn=975&gn=1&gk=1197&gl=975&ik=1197&co=1197&cp=1103&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1103&cd=900&ah=1103&am=900&xd=00&rf=0&re=1&ft=1197&fv=975&fw=975&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3A2f445ebe-b4e5-49ca-91fa-9484cd9b1013&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=3&tc=0&fs=45&na=1265218787&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:28 GMT
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/
3 MB
0
Media
General
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=66d0595efb0d27de3c066222&videoId=66d524968a0be7184d0984e3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=262144-

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
x-guploader-uploadid
AD-8ljtup60NFVnR7yG6OpgxTDlnkRwuqRXoSupI4U2bM8M241JKOUbPojfmEOL6wwrpI06s004
x-goog-storage-class
STANDARD
Content-Range
bytes 262144-7395122/7395123
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
7132979
last-modified
Mon, 02 Sep 2024 02:57:07 GMT
server
UploadServer
etag
"684b65c2faa7cdd15742b11e4a413c94"
x-goog-generation
1725245827551805
x-goog-hash
crc32c=Qb/5RA==, md5=aEtlwvqnzdFXQrEeSkE8lA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
7395123
accept-ranges
bytes
content-type
video/mp4
expires
Fri, 04 Oct 2024 01:58:26 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&event=fullonscreen2secvisible&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=2f445ebe-b4e5-49ca-91fa-9484cd9b1013&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106219&de=182923338367&cu=1725415106219&m=1559&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=1535&an=1090&gi=1&gf=1535&gg=1090&ix=1535&ic=1535&ez=1&ck=1090&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1535&bx=1090&ci=1090&jz=882&dj=1&aa=1&ad=1435&cn=990&gn=1&gk=1435&gl=990&ik=1435&co=1435&cp=1097&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1097&cd=882&ah=1097&am=882&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3Aeec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=3&tc=0&fs=45&na=1430583605&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:28 GMT
prebid
id5-sync.com/api/config/ Frame 4BB2
195 B
471 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ef70ac1bba6550ed4f4beeab8a20c96b4d4c23eca334d2cfe07f0331695dbad5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 4BB2
108 B
0
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3866028ac748863d614b6132fdbea0dc53c58ef89bfb436c9b1e80a4fdb6709

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:24 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 04 Oct 2024 01:58:24 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&event=fullonscreen2secvisible&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=eec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
topics_frame.html
pa.openx.net/ Frame 962A
0
0
Document
General
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 01:40:58 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AD-8ljuG9CFxU9db3jV5SEgwAHSFjhpSsRjnlo0-E7NTrW6kgMj1towDQFeVomLmuj_0M7UW-IAmrmH2Pw
translator
hbopenbid.pubmatic.com/ Frame 4BB2
0
54 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 4BB2
0
54 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 4BB2
0
54 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/ Frame 4BB2
296 B
738 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-84.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
da2b7b94f372fe2c439510e8a882a85d7d6944a074a85c46c8deedc90c305791

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 04 Sep 2024 01:58:29 GMT
content-encoding
gzip
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
EWR53-P1
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.file.io
x-reason
auction result is empty
access-control-allow-credentials
true
x-envoy-upstream-service-time
153
x-cache
Miss from cloudfront
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
221
x-amz-cf-id
y0SZSoHpOZYm62oZe4G9uPWyMKNh3wiApYrT2BcddtYgy36sMZN9Cg==
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4BB2
67 B
640 B
Fetch
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1725415108881&_fw_bidfloor=0.88&_fw_bidfloorcur=USD&pbjs_version=8.48.0&pKey=-290675413&_fw_us_privacy=1---&gpp=&gpp_sid=-1&_fw_prebid_content=%7B%22title%22%3A%22%5BEng%5D%20OP.GG%20Patch%2014.17%20%20(1)%22%2C%22url%22%3A%22https%3A%2F%2Fcontent1.avplayer.com%2F5f2063121d82c82557194737%2Fvideos%2F66d524968a0be7184d0984e3%2F66d5296e96bad917630cc30a%2Fvideo.mp4%3FAV_TAGID%3D6374f8665f2f007d23421195%26pid%3D5f2063121d82c82557194737%26cid%3D6374ee512c8ca8606841c0a8%26AV_TEMPID%3D62f50abe103ae32adf5785c8%26AV_PUBLISHERID%3D5f2063121d82c82557194737%26av_qd1%3D66d0595efb0d27de3c066222%26videoId%3D66d524968a0be7184d0984e3%22%2C%22keywords%22%3A%22%22%2C%22id%22%3A%2266d524968a0be7184d0984e3%22%2C%22len%22%3A146%7D&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*ov79BLO8FUqC13Pr-do_S2GwmKktlpCDJRJPNFz6jtfBZet8Zy6Qu_ZRNnDSshsc%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A2%2C%22pba%22%3A%22mD4Ppx7pmpuIUngGTP4hJNoZsOluryoW9VtjtYmAU3E%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2277c79248-d765-4dff-b399-d5cbd1628181%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2207512acd-660a-458b-b7f6-2958618df650%22%2C%22atype%22%3A1%7D%5D%7D%5D&withOMSDK=true&_fw_content_category=IAB680&_fw_content_genre=VideoGaming&loc=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&playerSize=440x247&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.211 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 04 Sep 2024 01:58:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1725415109239014-125
v1
lb.eu-1-id5-sync.com/lb/ Frame 4BB2
45 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a300e6d296109bf28f5655db0b3141fe871f6131ac61f2a43ba1a2cdcede160a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Sep 2024 01:58:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
258.json
id5-sync.com/g/v2/ Frame 4BB2
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
3caf6e2ff4321c6340f25bea12693166d40546eebadcb2851efeadb5319edc44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 04 Sep 2024 01:58:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.file.io
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415104428&de=35152038867&cu=1725415104428&m=5291&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5023&cd=231&ah=5023&am=231&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=p-UqX1PsUJcNgVs%3Aqfm%3Acf19a1c6-b4ea-46cc-9b0b-790de6353e3c%3Af195585e-4918-4d0d-ba8a-59a573ba987c&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wufM95PlxKWK48Xwlf_Jp5Li0KnFsZ68nufKqMbrmKHC5sqkD10-ag&uid=wufM95PlxKWK48Xwlf_Jp5Li0KnFsZ68nufKqMbrmKHC5sqkD10-ag&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=1&tc=0&fs=45&na=1206504523&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:29 GMT
cs.html
sdk.streamrail.com/cs-config/ Frame 5994
0
0
Document
General
Full URL
https://sdk.streamrail.com/cs-config/cs.html?org=5fa94677b2db6a00015b22a9&tc=5fcca73e13fd9b000100aa2e&as=5fcca73e13fd9b000100aa30&type=hb&wd=cs.yellowblue.io&domain=file.io
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:2800:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
70752
content-length
3480
content-type
text/html
date
Tue, 03 Sep 2024 06:19:19 GMT
etag
"a0a441bd34ade33598ec2a72125b5709"
last-modified
Wed, 22 Mar 2023 13:07:05 GMT
server
AmazonS3
via
1.1 e14852d4795a20bca94d54bc63e09250.cloudfront.net (CloudFront)
x-amz-cf-id
RwpDF7F22EBxWz3uIboo4Puqt4G4elc4YrCAzUj9w-lahhLxN5OBVA==
x-amz-cf-pop
JFK50-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F3EA
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335&us_privacy=1---
Requested by
Host: www.file.io
URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.193.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-193-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=66527
content-encoding
gzip
content-length
5633
content-type
text/html
date
Wed, 04 Sep 2024 01:58:29 GMT
expires
Wed, 04 Sep 2024 20:27:16 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gpp=&gpp_sid[]=-1
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=740efe7b1ee2d3fc8a0a2451e74c37&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo1d96_7410602575474309439&gdpr=&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/740efe7b1ee2d3fc8a0a2451e74c37?gdpr=&gdpr_consent=&gdpr=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-VSe9RnJE2oOfBtqsvhJ9Pi_tUkhONylUQVfnsNPt~A
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AADRek7Nr34AAErCwcu_lA&dataProviderId=817
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzQwZWZlN2IxZWUyZDNmYzhhMGEyNDUxZTc0YzM3&gdpr=&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPAxeDZna5pOfDGaYIorCTM&google_cver=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=null&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=77c79248-d765-4dff-b399-d5cbd1628181&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=3886628682223636672&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=2064016820420942736696
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=YtvIWxpk1SLFhU5
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1592%26userId%3D%23PMUID
0
0

ctrack
track1.avplayer.com/
0
174 B
Ping
General
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.5.14&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&r=www.file.io&cd1=&cd2=&cd3=&sn=&app=&test=&cb=1725415106603
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Sep 2024 01:58:31 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106022&de=90332215738&cu=1725415106022&m=5124&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=5093&an=1316&gi=1&gf=5093&gg=1316&ix=5093&ic=5093&ez=1&ck=1094&kw=900&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5093&bx=1316&ci=1094&jz=900&dj=1&aa=1&ad=4974&cn=1197&gn=1&gk=4974&gl=1197&ik=4974&co=1197&cp=1103&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4901&cd=1103&ah=4901&am=1103&xd=00&rf=0&re=1&ft=4974&fv=1197&fw=975&wb=2&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3A2f445ebe-b4e5-49ca-91fa-9484cd9b1013&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=4&tc=0&fs=45&na=117925683&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:31 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&event=inview5orgreater&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=2f445ebe-b4e5-49ca-91fa-9484cd9b1013&uid=cEzjwnUb4sZuFOeQJQDikntI-8p0FObecUzmy3FO7sAhH-CW2SUxMw&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&pxm=1&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=QUANTCAST3&ol=2187872760&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-GkODNwRTPmWpt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-HAQSTAc2oUtvHw%3D%3D&sc=1&os=1-kQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BMCBQmIoRBBCzBz1BBCTClBBreBBC4ehueB57O19aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1285&qm=420&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.file.io%2Fz8Va%2Fdownload%2FbdjrHZf7rqWN&id=1&ii=4&f=0&j=&t=1725415106219&de=182923338367&cu=1725415106219&m=5123&ar=77fe5126-clean&iw=f31153f&cb=0&ym=0&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1858&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2483%3A2483%3A2920%3A1048&as=1&ag=5098&an=1535&gi=1&gf=5098&gg=1535&ix=5098&ic=5098&ez=1&ck=1090&kw=882&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5098&bx=1535&ci=1090&jz=882&dj=1&aa=1&ad=4998&cn=1435&gn=1&gk=4998&gl=1435&ik=4998&co=1435&cp=1097&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4903&cd=1097&ah=4903&am=1097&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=p-FzmKaBBs3r0sm%3Aqfm%3Af767e83a-8d12-43eb-a215-9d8be15bf347%3Aeec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&bo=file.io&bd=-&gw=quantcastv2691176990399&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&cadf=-&zMoatuid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&hv=Domsearch%20Late&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=4&tc=0&fs=45&na=2113532377&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.194.34 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-194-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 04 Sep 2024 01:58:31 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
364 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&event=inview5orgreater&campaign=qfm&lineitem=f767e83a-8d12-43eb-a215-9d8be15bf347&creative=eec7f6f4-a4c0-4f42-81aa-dab7ccb8290f&uid=wRb1cpVNp3eOTKN6wljxdZBA6CCbE6ZvwBCnJMYU9XDAR6NwNid45g&url=file.io&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 01:58:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
track
track4.aniview.com/ Frame 4BB2
0
171 B
Ping
General
Full URL
https://track4.aniview.com/track?d=Chrome&cou=CA&cos=Linux&r=www.file.io&rs=www.file.io&sid=8694&t=1725415107&cip=166.0.205.70&sn=&tgt=0&osv=&bv=128.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=00681b13e6e024b45a30e7ada44cda0b&d63=00681b13e6e024b45a30e7ada44cda0b&aafaid=&proto=https&uid=672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.235&cb=35383885447&d39=&d65=GoogleSignals&d66=8.5.14&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd18=45.50750&cd19=166.0.205.70&cd20=6373750d98fb531abee85ae5&cd17=-73.58870&d9=0000&d22=5f2063121d82c82557194737&d24=6374ee512c8ca8606841c0a8&d37=realtime&d65=_GlobalConfig&pt=2&d66=8.5.14&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=66d524968a0be7184d0984e3&cpid=66d0595efb0d27de3c066222&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Sep 2024 01:58:31 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/
64 KB
0
Media
General
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/66d524968a0be7184d0984e3/66d5296e96bad917630cc309/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=66d0595efb0d27de3c066222&videoId=66d524968a0be7184d0984e3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:59::1735:7e2f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=3408152-

Response headers

date
Wed, 04 Sep 2024 01:58:26 GMT
x-guploader-uploadid
AD-8ljtup60NFVnR7yG6OpgxTDlnkRwuqRXoSupI4U2bM8M241JKOUbPojfmEOL6wwrpI06s004
x-goog-storage-class
STANDARD
Content-Range
bytes 3408152-7395122/7395123
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
3986971
last-modified
Mon, 02 Sep 2024 02:57:07 GMT
server
UploadServer
etag
"684b65c2faa7cdd15742b11e4a413c94"
x-goog-generation
1725245827551805
x-goog-hash
crc32c=Qb/5RA==, md5=aEtlwvqnzdFXQrEeSkE8lA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
7395123
accept-ranges
bytes
content-type
video/mp4
expires
Fri, 04 Oct 2024 01:58:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408290101&jk=133855055700708&bg=!8POl87zNAAakh3bWhIc7ADQBe5WfODwlwQ8ZVwTTXG48eO3vGJDQlx84Wufe2MVe70UV09gx9ipKpSZiY8VJ3JWHpLumAgAAAZZSAAAACWgBB34ANnNQEl44RsdzKrSMwn0HmJkd1-YpZbGxiw34vfR6ESb4Xgguz4BgirrBrIfnsqWJa0EtbBPaBAoAqZ1PrvkddGNiRe6D9uDSG3GmAvbfqyrQvQugb5nMGommJ9mUe97Xpeatgg7uoYnU0hlHP9t1zgb7rT8Cv-kf94B9rIQbk5MlMoP2gTl17rUDdUawBnVjnlVaEJL9n4457DRulfRASRhl6bOrIPwgQK7qQWDKVA36MoxxE1k-jrJAKNXIgKq_B_NNuZRtTddxPSassLLUjoZRiTgx4OH7AZqH_kbNN6v2MpmZAqNQ7Bm9VPLsvy2_7xDQcl7e1su57r9wRhID77t7yUe59Qbxn3a9dEPJdJ19aVif1YuzujSGbMZq-AkpeX7PE5pC8av59zVeAjU4_oNlvDU9kV0yxyIgAbkQ4ajtmAe4KZIRRUtw1wfG5mt9UNi1lCEvpJWe-j3HE8FHfHqH9AXWIS91oRR0nM8TLBDPTX4fk2Dep6r8-2ha_RXN1-lhJmo77KhgnAJmx7Fcmc3xZ1W9bWITGHCDNYdDy5Gkhny9KvkvvXeCUQwVZcDV8mk_dF_o25TdJPc7tD9mZN6iMR_scX_PukIEgerNccHCQFRZTytTcQLViECliph6qLEj24ocvItF2cR5EQgi7SFiu0AZiYBr9i6kUEuhkziAx4pTJKW3Kw0u3oAPM1PKWb8rVcPF1VP1mzNeBesd6A12MjDsXyAr_N7F9w9UUJ1wzcLem7Mk2O9Aum1j5eAeHshUpUzQP5dPM2VX5Sl0RjaGWFMRY9IBSOcQI-Mr32q_jL6usoHuqQU2bTxBZ0eTV8GpgFP9hIPKtEnX5O3oH_5Wuy7nhrUFtrCX4WHLqURkalie0ATT6EZTK8nFrDkLmHt3LD9XrTVnxkhyAumhRD-PZYu_etTs-PNxTc9lwo0JnFd-SNW_pF3ZNdYYneWjsKuIK4mXSsGFV1oM73TL5u5_m-68qvrvUCXUWK6c2dZDzg2P9QsiKBGdz6y39ofWanA1ejCU7fVipuXSCC_onB9gzMWJay3YbCOK5HyeHcJ_bEvb5b3vO8iH592ESFv2xngfY27ZC4rMjB-gx-kvPrBMX5E9w6ZTENWOr75JuNTvr1hRJPRKtXqzP3rJSL-yJHQsi4n0CH6M50T6Ejv5qGrOVjForCgl01rjOSF5gPDc-KG49SOQxQA
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1592%26userId%3D%23PMUID

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 function| gtag object| dataLayer string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| __LOADABLE_LOADED_CHUNKS__ object| webpackChunkad_manager number| __VM_PRELOADER_COUNT object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal string| GoogleAnalyticsObject function| ga object| __VM_BAIT_RESPONSE number| gatsby_scroll_offset number| gatsby_scroll_duration object| __VM_FSGEO_RESPONSE string| __VM_HBC object| gaplugins object| gaData object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| __VM object| ADAGIO string| nobidVersion object| nobid object| __vm_add object| uponit object| apstag object| _qevents object| dvtag object| PQ function| quantserve function| __qc object| ezt object| _aps boolean| apstagLOADED object| apscustom object| edktInitializor object| ggeac object| google_js_reporting_queue function| ha object| cnvr_launcher_options object| google_reactive_ads_global_state object| hadron boolean| __halo_loaded__ object| __id5_finalization_registry object| ID5 object| sas object| apntag object| _ADAGIO object| conversant object| PublisherCommonId object| au object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTE4YTIxNDI2ZDQwYzhhZWxvYWRlcl9qcw== string| MTE4YTIxNDI2ZDQwYzhhZWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state number| google_unique_id object| auvars object| aniviewRenderer object| criteo_pubtag object| criteo_identitytag_156 object| Criteo object| Criteo_identitytag_156 object| ox_esp object| _33across object| GoogleGcLKhOms function| lotameIsCompatible function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 function| docReady object| autag object| audDataLayer function| audGtag object| publink_options object| coreid boolean| cca9b8dd-5e5a-4673-9546-1a1e8fbb0ab8 object| aniplayerPos object| avContentPlayerScheduler number| __google_lidar_ function| __google_lidar_radf_ object| webpackChunk_aniview_player object| @aniview object| avContentPlayer object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| googDdmPs object| google_image_requests object| storageAni object| freewheelssp_cache

311 Cookies

Domain/Path Name / Value
.file.io/z8Va/download Name: __qca
Value: P0-823980441-1725415100531
.3lift.com/sync Name: sync
Value: CgoIoQEQjsSE1psyCgoI4gEQjsSE1psyCgoI5gEQjsSE1psyCgoIhwIQjsSE1psyCgkIOhCOxITWmzIKCQgbEI7EhNabMgoKCIwCEI7EhNabMgoKCKwCEI7EhNabMgoKCK0CEI7EhNabMgoJCF8QjsSE1psy
.file.io/ Name: _ga_KDJB5247JB
Value: GS1.1.1725415099.1.0.1725415099.60.0.0
.file.io/ Name: _ga
Value: GA1.2.1052521603.1725415099
.file.io/ Name: _gid
Value: GA1.2.875104092.1725415099
.file.io/ Name: _gat_gtag_UA_65658019_1
Value: 1
.quantserve.com/ Name: mc
Value: 66d7bebc-dedf2-e5e92-4cea3
.file.io/ Name: __qca
Value: P0-823980441-1725415100531
.sharethrough.com/ Name: stx_user_id
Value: 30edda30-6294-4fda-80c0-b46c6f428718
.adnxs.com/ Name: XANDR_PANID
Value: rDAV0BVpDgLfqYVJIkjcUtLCjL6HK4SCjfecE3lsHcHRNL7w-A5CxQiYFSE3lIN62HCeeu6sguw5iZK6alPuKcNvgkNX7aILhwCZQdiYSZQ.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3886628682223636672
.a-mo.net/ Name: amuid2
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
.a-mo.net/ Name: pamuid2
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
.prebid.a-mo.net/ Name: psd_amuid2
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
.prebid.a-mo.net/ Name: sd_amuid2
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
.adsrvr.org/ Name: TDID
Value: 77c79248-d765-4dff-b399-d5cbd1628181
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1307149725%3B%24ql%3DHigh%3B%24qpc%3Dh2y+2j7%3B%24qt%3D93_1012_37935t%3B%24dma%3D0%3B%24qo%3D6
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 2064016820420942736696
.smartadserver.com/ Name: pid
Value: 8452238319077029474
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1307149725%3B%24ql%3DHigh%3B%24qpc%3Dh2y+2j7%3B%24qt%3D93_1012_37935t%3B%24dma%3D0%3B%24qo%3D6&c=1&l&lo&lt=638610119012615070&o=1
.omnitagjs.com/ Name: ayl_visitor
Value: fdb9f49ed89bcb4aa42f047fb4849bd8
.ad.gt/ Name: au_3p_check
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A1IQsw9tuEFijRmSODsH63w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.file.io/ Name: _au_1d
Value: AU1D-0100-001725415102-I0C8NFXP-V137
.file.io/ Name: __gads
Value: ID=8478ca8ec504794c:T=1725415101:RT=1725415101:S=ALNI_Mb7SP7aZCoxMXo7tEq7a9yOw0T67g
.file.io/ Name: __gpi
Value: UID=00000eda11b547a9:T=1725415101:RT=1725415101:S=ALNI_MbncePcFOGnCg918hWDBSXygM5z-w
.prebid.a-mo.net/ Name: __amc
Value: 2_1725415101_1725415102
.adnxs.com/ Name: icu
Value: ChkInZeIARAKGAIgAigCML793rYGOAJAAkgCEL793rYGGAE.
.file.io/ Name: __eoi
Value: ID=155faa007ca86bc9:T=1725415101:RT=1725415101:S=AA-AfjbUGxfVYIaxNROk5PDyvBXQ
.tapad.com/ Name: TapAd_TS
Value: 1725415102098
.tapad.com/ Name: TapAd_DID
Value: c4fd3250-5065-4ae6-949f-ad6b7e8ca640
.zemanta.com/ Name: zuid
Value: WgtJLjXVHU8ZC0SP_xsV
.gumgum.com/ Name: vst
Value: u_b8108f60-3c8e-42dd-84d9-a9313156dad1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7A25AC93-1E74-489E-BD48-53BB2C0A1325
.ad.gt/ Name: au_id
Value: AU1D-0100-001725415102-I0C8NFXP-V137
.yellowblue.io/ Name: wrvUserID
Value: 0J3SDoCzC
.3lift.com/ Name: tluidp
Value: 2064016820420942736696
.doubleclick.net/ Name: IDE
Value: AHWqTUmb8QICK1VtmOSQYLPIbh63Bi69W29mCW7X-zVGYyDBw1Jsfex_EXa0JSBbkrA
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 52880301
.go.sonobi.com/ Name: __uis
Value: f794a070-cdec-495b-b74c-6c653d5a4298
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 324c379c9eabd488629e587259cf0e71
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5953
.file.io/ Name: _cc_id
Value: 324c379c9eabd488629e587259cf0e71
.file.io/ Name: panoramaId_expiry
Value: 1725501502458
.go.sonobi.com/ Name: __uir_td
Value: 227119167745483694
.go.sonobi.com/ Name: __uin_td
Value: 77c79248-d765-4dff-b399-d5cbd1628181
.rubiconproject.com/ Name: khaos
Value: M0N7LPTA-13-KP8J
.rubiconproject.com/ Name: khaos_p
Value: M0N7LPTA-13-KP8J
.onetag-sys.com/ Name: OTP
Value: _loaK3NJFwWkDebwmFE_nF2rLMqTRYBt1Tgz4DZ4eJ8
.sitescout.com/ Name: ssi
Value: bbf69ffb-4403-4486-95c3-e67e1cb21a7b#1725415102868
.smaato.net/ Name: SCM
Value: 7714fe86cb
.smaato.net/ Name: SCMrise
Value: 7714fe86cb
.ipredictive.com/ Name: cu
Value: ff53d1dc-6d2e-4984-b788-c24cdd5ce3f7|1725415102900
.yahoo.com/ Name: A3
Value: d=AQABBL6-12YCENaAuzU5rKumVEMNJXWbekIFEgEBAQEQ2WbhZgAAAAAA_eMAAA&S=AQAAAosub_Xk2jlaOPqCu_nxunA
.adform.net/ Name: C
Value: 1
.media.net/ Name: visitor-id
Value: 3684167027040604000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.33across.com/ Name: 33x_ps
Value: u%3D212774289754996%3As1%3D1725415102864%3Ats%3D1725415102864
.deepintent.com/ Name: CDIUSER
Value: di_05c6c6203b9440bd97ed5
.lijit.com/ Name: ljt_reader
Value: JRd2ALZHibusND0NQjeMEK8z
.contextweb.com/ Name: V
Value: 3B6Ob4F8FxAa
.contextweb.com/ Name: VP
Value: part_3B6Ob4F8FxAa
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ecc7e5b407645106
.storygize.net/ Name: U
Value: 8aff5684-48b6-4bb0-80ab-63bd5cf1ba03
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-06a98f4a-c93d-5d89-67d4-9b04d180366b.O%2FNHqYABOYmcPu7dqfqi1K1ZBOY%2F3fDV175q8Z%2FiEZw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-06a98f4a-c93d-5d89-67d4-9b04d180366b.O%2FNHqYABOYmcPu7dqfqi1K1ZBOY%2F3fDV175q8Z%2FiEZw
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ABqmPSsk9XYln1JsE0YA2a6YAzUY.Oi4EXC%2FKYuTKPq%2FXQRXYy%2FM%2FZ9%2BJVk8G9%2BvRW5DOXA0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ABqmPSsk9XYln1JsE0YA2a6YAzUY.Oi4EXC%2FKYuTKPq%2FXQRXYy%2FM%2FZ9%2BJVk8G9%2BvRW5DOXA0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIL_x7H3HUFuWTL4QochszxK_ouYdoFVdjWzvTsERZh9OEAMYAyC__d62BjABOgQUEbaQQgTq7s4o.1TXedpKX4v0zGTsqnfKjbpP%2FSvIzZeJcmRJ2i5pPkuw
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIL_x7H3HUFuWTL4QochszxK_ouYdoFVdjWzvTsERZh9OEAMYAyC__d62BjABOgQUEbaQQgTq7s4o.1TXedpKX4v0zGTsqnfKjbpP%2FSvIzZeJcmRJ2i5pPkuw
.cpx.to/ Name: dsp_dbm
Value: CAESEC1oiBe0BaEGjftJq4Ml2ZM#1725415102995
.creativecdn.com/ Name: g
Value: PoTaGw7ll8WElJda2dop_1725415103020
.creativecdn.com/ Name: ts
Value: 1725415103
.adform.net/ Name: uid
Value: 6440552283931702919
.csync.loopme.me/ Name: viewer_token
Value: 32712144-8e97-4ffd-acc6-178d8904a5f6
.go.sonobi.com/ Name: __uir_st
Value: 227119172040450991
.go.sonobi.com/ Name: __uin_st
Value: BqmPSsk9XYln1JsE0YA2a6YAzUY
.cpx.to/ Name: dsp_pubmatic
Value: 7A25AC93-1E74-489E-BD48-53BB2C0A1325#1725415103098
.cpx.to/ Name: dsp_app_nexus
Value: 3886628682223636672#1725415103098
.cpx.to/ Name: dsp_pub_common
Value: a6e95981-e7b0-4b51-8697-d6a250e6a6ec#1725415103098
.cpx.to/ Name: dsp_TTD
Value: 77c79248-d765-4dff-b399-d5cbd1628181#1725415103098
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEILFDFjanJGofiruH9P2pMA&KRTB&23025-CAESEILFDFjanJGofiruH9P2pMA&KRTB&23386-CAESEILFDFjanJGofiruH9P2pMA
.mathtag.com/ Name: uuid
Value: 924a66d7-bebf-4700-8777-14b1a9f2f7ec
.semasio.net/ Name: SEUNCY
Value: 861FAF6A7DB563C0
.admanmedia.com/ Name: admtr
Value: eb1db218-698c-40f8-96a9-6c08e75a0b97
.cpx.to/ Name: dsp_rubicon
Value: M0N7LPTA-13-KP8J#1725415103420
.mfadsrvr.com/ Name: tuuid
Value: 9332b1c3-3728-40cf-855f-51fb2cd2cda4
.mfadsrvr.com/ Name: c
Value: 1725415103
.mfadsrvr.com/ Name: tuuid_lu
Value: 1725415103
.simpli.fi/ Name: suid
Value: D0FB2B417D104A1598F1A0FB0C14275F
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-77c79248-d765-4dff-b399-d5cbd1628181&KRTB&22918-77c79248-d765-4dff-b399-d5cbd1628181&KRTB&22926-77c79248-d765-4dff-b399-d5cbd1628181&KRTB&23031-77c79248-d765-4dff-b399-d5cbd1628181
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-ff53d1dc-6d2e-4984-b788-c24cdd5ce3f7&KRTB&23011-ff53d1dc-6d2e-4984-b788-c24cdd5ce3f7&KRTB&23355-ff53d1dc-6d2e-4984-b788-c24cdd5ce3f7
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D0FB2B417D104A1598F1A0FB0C14275F&KRTB&23486-uid:D0FB2B417D104A1598F1A0FB0C14275F&KRTB&23489-uid:D0FB2B417D104A1598F1A0FB0C14275F&KRTB&23539-uid:D0FB2B417D104A1598F1A0FB0C14275F
.adx.opera.com/ Name: UID
Value: OPUb35d18c8cd7d44158fc785046c8db482
.go.sonobi.com/ Name: __uir_bs
Value: 227119172040450991
.go.sonobi.com/ Name: __uin_bs
Value: bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
.socdm.com/ Name: SOC
Value: Zte.v8Co8YwAAFNVnEAAAAAA
.bidr.io/ Name: bito
Value: AADRek7Nr34AAErCwcu_lA
.bidr.io/ Name: bitoIsSecure
Value: ok
.primis.tech/ Name: csuuid
Value: 66d7bec083c7c
.linkedin.com/ Name: bcookie
Value: "v=2&ed251031-daaf-4bc3-823d-666d9e8239fd"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjU0MTUxMDQ7MjswMjHe9AhQHhZDuZiHhu/uux+7joAqPxY+qqdDTHTgV9K2Ng==
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2918:u=1:x=1:i=1725415104:t=1725501504:v=2:sig=AQFI2EqHTov6fRf-wGbeh9Uy1RfHY9xP"
www.file.io/ Name: _lr_retry_request
Value: true
www.file.io/ Name: _lr_env_src_ats
Value: false
.lijit.com/ Name: _ljtrtb_80
Value: M0N7LPTA-13-KP8J
.intentiq.com/ Name: intentIQ
Value: MBnrGlFsZM
.intentiq.com/ Name: IQver
Value: 1.9
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553&KRTB&23418-bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAE8KacIA3zzQJa2jodAQEBAQEBAQCQu8AjjAEBAJC7wCOM&KRTB&22715-AQAE8KacIA3zzQJa2jodAQEBAQEBAQCQu8AjjAEBAJC7wCOM&KRTB&23519-AQAE8KacIA3zzQJa2jodAQEBAQEBAQCQu8AjjAEBAJC7wCOM
.mfadsrvr.com/ Name: ssh
Value: !adyoulike=1725415105
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVTk1ud1pT
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1725415105256
.intentiq.com/ Name: IQPData
Value: 2785070406#1725415105254#0#1725415105254
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-6470fd47-4053-32e8-8003-3b36234e61b5
.aidemsrv.com/ Name: __cf_bm
Value: .SIyTdM2GieVw7t62sVhmJ7eHEWRyGWxBfMZrYgFueo-1725415105-1.0.1.1-IgTC.SikczaPUDDTrC.rdVgWSO9uV9ixcj8nlKHNsxL8tZXPNtZqVHDy7Wbg8FU57lsIOeqVKTWepYpSwiMmWw
.smaato.net/ Name: SCMsas
Value: 7714fe86cb
.the-ozone-project.com/ Name: ozone_uid
Value: 2laPExHddSEbVbUNum5DHrknR96
.the-ozone-project.com/ Name: __cf_bm
Value: Q8nHWrp3a5844jSyi1ePhPCW4gf5jqbMrua1bmCn48M-1725415105-1.0.1.1-QebG6FcTvLYNxQxf3X0nZgPcCRp9epno2G2xXX.lhLhuA6qo4cWlFI21hGxmvtHjEWlphWvvZj1LCVD69u.6hA
.bing.com/ Name: MUID
Value: 2EF49E7FFE31649B18A88A8FFF1B65B4
.c.bing.com/ Name: MR
Value: 0
.turn.com/ Name: uid
Value: 3197116904514817998
.openwebmp.com/ Name: wrvUserID
Value: 0T8SYBkzCp_ow
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ4LGY-SDAAwEJ1aG83Q4HY4yILuKQTpsCIq40odP4BmonoysJGr2K4NihpQC4TM1
.open-adsyield.com/ Name: lluid
Value: 2e3d1923-8497-3a69-ce65-e082cb2a2a97
.open-adsyield.com/ Name: llum
Value: eyJhZHkiOnsiNCI6MTcyNTQxNTEwNTU5NH19
.dotomi.com/ Name: DotomiTest
Value: 7b1659811717100b
.admanmedia.com/ Name: ac_r
Value: CS253|CS80
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2667179633559382981&KRTB&23150-2667179633559382981&KRTB&23527-2667179633559382981&KRTB&23629-2667179633559382981
.postrelease.com/ Name: visitor
Value: 8834faf2-c790-49cf-8108-f04e5e87ebd2
.postrelease.com/ Name: status
Value: 0
.tynt.com/ Name: uid
Value: p7fwLGbXvsEnE9noW/dN4Q==
.pxl.iqm.com/ Name: equativ
Value: MTcyNjYyNDcwNTgyNg==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 3e3accd4-1e4b-4ff7-b64b-a7d64f42c9fc
.go.sonobi.com/ Name: HAPLB8G
Value: s8653|Zte+x
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240904%22%2C%22141%22%3A%2220240904%22%7D
.casalemedia.com/ Name: CMID
Value: Zte.wtHM6F0AAEpLAERY.AAA
.casalemedia.com/ Name: CMPS
Value: 541
.casalemedia.com/ Name: CMPRO
Value: 541
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_05c6c6203b9440bd97ed5&KRTB&23571-di_05c6c6203b9440bd97ed5
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-9CDXka14gnbwegDxTEmIC8dIB-Zz6_ylVyTi4ZKxyhw&KRTB&23047-9CDXka14gnbwegDxTEmIC8dIB-Zz6_ylVyTi4ZKxyhw&KRTB&23234-9CDXka14gnbwegDxTEmIC8dIB-Zz6_ylVyTi4ZKxyhw&KRTB&23361-9CDXka14gnbwegDxTEmIC8dIB-Zz6_ylVyTi4ZKxyhw
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUb35d18c8cd7d44158fc785046c8db482&KRTB&23485-OPUb35d18c8cd7d44158fc785046c8db482&KRTB&23524-OPUb35d18c8cd7d44158fc785046c8db482&KRTB&23575-OPUb35d18c8cd7d44158fc785046c8db482
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-BqmPSsk9XYln1JsE0YA2a6YAzUY&KRTB&23334-BqmPSsk9XYln1JsE0YA2a6YAzUY&KRTB&23417-BqmPSsk9XYln1JsE0YA2a6YAzUY&KRTB&23426-BqmPSsk9XYln1JsE0YA2a6YAzUY
.file.io/ Name: FCNEC
Value: %5B%5B%22AKsRol_YOjLUl2WaGf0Qvv1cq8jcrsih6kPMvnQOe3nvRMoxVM2iZAQed3CpvmjeGQWXCZ4qsw6F1MJlTnrPMV0DuQjDV30Qm1qnHPShjjZEh7UHiXE4ZjbYDNAbqlu_onYYB5iNIoleRytmXp_eFIiNnBFL11-_PA%3D%3D%22%5D%5D
.aniview.com/ Name: 1_C_142
Value: 30edda30-6294-4fda-80c0-b46c6f428718
sync.aniview.com/ Name: 1_C_142
Value: 30edda30-6294-4fda-80c0-b46c6f428718
.aniview.com/ Name: 1_C_18
Value: JRd2ALZHibusND0NQjeMEK8z
sync.aniview.com/ Name: 1_C_18
Value: JRd2ALZHibusND0NQjeMEK8z
.aniview.com/ Name: aniC
Value: 672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8
sync.aniview.com/ Name: aniC
Value: 672311af-cb9d-4ba8-a6d5-2b3cfb86d2c8
.aniview.com/ Name: 1_C_204
Value: 585a5e22-05f9-4998-88e0-02edc831cbc9
sync.aniview.com/ Name: 1_C_204
Value: 585a5e22-05f9-4998-88e0-02edc831cbc9
.aniview.com/ Name: 1_C_24
Value:
sync.aniview.com/ Name: 1_C_24
Value:
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1tfw|7dN.0.AADRek7Nr34AAErCwcu_lA|8i8.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1tfw|7dN.0.AADRek7Nr34AAErCwcu_lA|8i8.0.1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcyNTQxNTEwNTA4MiwiMzkiOjE3MjU0MTUxMDMwMzgsIjciOjE3MjU0MTUxMDMwMzgsIjc0IjoxNzI1NDE1MTA2NTkwfQ
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6440552283931702919&KRTB&23263-6440552283931702919&KRTB&23481-6440552283931702919
.aniview.com/ Name: 1_C_72
Value: bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
sync.aniview.com/ Name: 1_C_72
Value: bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1725415106845%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1725415106845%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1725415106845%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1725415106845%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1725415106845%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1725415106845%7D%5D
.mxptint.net/ Name: mxpim
Value: R33646_11B4DB8F4_E88CE7B8.1.000000000000000066D7BEC2
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmRqYmhqaGBmYWoEADeZRbcQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0M7Q0tjA1MDIxNhHiM9R1NioKC7BwyTAOLQ4BAG1Ll3MlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0M7Q0tjA1MDIxNhHiM9R1NioKC7BwyTAOLQ4BAG1Ll3MlAAAA
.eexsync.com/ Name: CID
Value: 69c12361db361b47e8fb48dc43845cc536711885
.kargo.com/ Name: ktcid
Value: 8bbbbf12-bcdf-0eb8-5f6e-1f843bcbc741
.quantserve.com/ Name: sp
Value: CggIiQ0SAxCrDQ==
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_11B4DB8F4_E88CE7B8&KRTB&23092-R33646_11B4DB8F4_E88CE7B8
.pippio.com/ Name: did
Value: 0TIGOeeGraDyIqsy
.pippio.com/ Name: didts
Value: 1725415106
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.w55c.net/ Name: wfivefivec
Value: YtvIWxpk1SLFhU5
.doubleclick.net/ Name: APC
Value: AfxxVi54--0V0v9phdqgrpdRpVkGHM6LCtgqvpD0Ym_9t4vsUtjiNQ
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1791377161938502434&KRTB&23628-1791377161938502434
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-hSqXaNF5kTyeeJY71S7eOoZ5ym2eKJA60i8sVZdq&KRTB&22979-hSqXaNF5kTyeeJY71S7eOoZ5ym2eKJA60i8sVZdq&KRTB&23462-hSqXaNF5kTyeeJY71S7eOoZ5ym2eKJA60i8sVZdq
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-2d3b470c-7924-49d7-97f0-1b1bdbcfbda5&KRTB&23340-2d3b470c-7924-49d7-97f0-1b1bdbcfbda5&KRTB&23498-2d3b470c-7924-49d7-97f0-1b1bdbcfbda5
.a-mx.com/ Name: amdt_t
Value: p::1725415107019
.a-mx.com/ Name: amuid2
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
.thrtle.com/ Name: mc
Value: eyJpZCI6IjczZGU2YTQzLTMwMTctNDVhMC04NGJiLWE3NmRjNGJiMzZjMiIsImwiOjE3MjU0MTUxMDcwNDAsInQiOjF9
.tribalfusion.com/ Name: ANON_ID
Value: aunt6Zawl6h7bQQwbPBqU7JZbgiNPqQYfTVu3N9bXFnTLUb0X3YL39BY5ZaudPZcobbJqt8OQYESYgJqF45bZciMGmu4fa2ZbP
beacon.lynx.cognitivlabs.com/ Name: UID
Value: a934fdd7-4108-4402-a3c0-20e977f02fa3
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 0LXvEL8QZRnyTWSscn5mmUvQsbZwNRU7aH7pH3G881XnDqwbYHAWXRECAquBr2AzamDO032Lm2A3yTKzWzWI1w%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:YtvIWxpk1SLFhU5&KRTB&23421-uid:YtvIWxpk1SLFhU5
.doubleclick.net/ Name: ar_debug
Value: 1
.quantserve.com/ Name: d
Value: ELEBCwHdLPijAA
.technoratimedia.com/ Name: tads_uidp_37
Value: 9b264506-52b8-3352-aa43-e1d24c161b37
.technoratimedia.com/ Name: tads_uidp_44
Value: M0N6BWOO-9-468M
.technoratimedia.com/ Name: tads_uidp_48
Value: 0f402fd8-45cb-4439-afe9-151815ec9843
.technoratimedia.com/ Name: tads_uidp_49
Value: AQAEnb-xsXVtgQIOev0-AQEBAQEBAQCQu1e6vQEBAJC7V7q9
.technoratimedia.com/ Name: tads_uidp_50
Value: 03991e0b-6895-4196-be89-bfd1834db364
.technoratimedia.com/ Name: tads_uidp_61
Value: 212773843252401
.technoratimedia.com/ Name: tads_uidp_62
Value: 3684155787040628000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: dv-fgKKdZ7CtwlxCWpXWHCOwfUsoMD9b
.technoratimedia.com/ Name: tads_uidp_7
Value: cef2f462-206a-474d-b284-3fd9ef2b63ee
.technoratimedia.com/ Name: tads_uidp_73
Value: AADRek7Nr34AAErCwcu_lA
.technoratimedia.com/ Name: tads_uidp_77
Value: qyBXzUdOI_Eb-AIyqb2lhxzv82iaSFjMgqx7aFcsGW8
.technoratimedia.com/ Name: tads_uidp_79
Value: 650e7fd6-ed42-45a1-a001-3198afc5f365
.technoratimedia.com/ Name: tads_uidp_82
Value: ZtexwtHM6acAAFP7AFOGdAAA&3595
.technoratimedia.com/ Name: tads_uidp_88
Value: 386458051789093956520
.technoratimedia.com/ Name: tads_uid
Value: 3D41F3424F91461D86237100B02D12A1
.technoratimedia.com/ Name: tads_uid_cd
Value: 20240819005706+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.lijit.com/ Name: ljtrtb
Value: eJyrVrIwULJS8jXwM%2FcJCHHUNTTW9Q6w8FKqBQBOEQYx
.lijit.com/ Name: _ljtrtb_279534
Value: ua-6470fd47-4053-32e8-8003-3b36234e61b5
.file.io/ Name: cto_bundle
Value: Hayt118xVHdMOUtOcDFYY3VHQ0FhQVJ5SmJJQTZhMEdtSDBUSXdGekJadDNOYnFaMkNEM0podklUVGdtNnBDczgySFpEc29iWjFWWlpONjN2UERpMm9CUUtWbHBtT1AxejlnVTZ0ZjJqRzNIUXJMbyUzRA
.file.io/ Name: cto_bidid
Value: ziDPLV9lZzZsM1VRS1c5cmJ3OHRBWjYzU3VOdHJ6SzQwTTBTRmIlMkJ2MjkxVW16QW9VJTJGSks2ZXpPbiUyQlclMkZ6bGoxWnFEJTJCbHp1STJvZWFneUswMllyTkRHJTJCcTA1USUzRCUzRA
.adsby.bidtheatre.com/ Name: __kuid
Value: 921f1169-e5ee-41d1-b182-8ce9704e7d2f.494629107
.krushmedia.com/ Name: krm_usr
Value: de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
.mookie1.com/ Name: id
Value: 10594507030874672007
.mookie1.com/ Name: mdata
Value: 1|10594507030874672007|1725415107446
.mookie1.com/ Name: ov
Value: 814ac5a11a9c3e9c0cb157039005fbf9
.rtb.mx/ Name: amdt_t
Value: p::1725415107556
.rtb.mx/ Name: amuid2
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADRek7Nr34AAErCwcu_lA
.id5-sync.com/ Name: 3pi
Value: 112#1725415104200#1764140685#861FAF6A7DB563C0|2#1725415106329#-2128112044#3886628682223636672|434#1725415107028#1133992649|1221#1725415107532#1189544488|264#1725415107238#-1065013719#77c79248-d765-4dff-b399-d5cbd1628181|441#1725415104859#697504694#u_b8108f60-3c8e-42dd-84d9-a9313156dad1|108#1725415107532#750020542|429#1725415106088#-807353081#7A25AC93-1E74-489E-BD48-53BB2C0A1325
.ads.stickyadstv.com/ Name: UID
Value: 740efe7b1ee2d3fc8a0a2451e74c37
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.aniview.com/ Name: 1_C_9
Value: e42ffa6c5ccb4f87abffd2e3f2af7412
sync.aniview.com/ Name: 1_C_9
Value: e42ffa6c5ccb4f87abffd2e3f2af7412
.aniview.com/ Name: 1_C_5
Value: M0N7LPTA-13-KP8J
sync.aniview.com/ Name: 1_C_5
Value: M0N7LPTA-13-KP8J
.krushmedia.com/ Name: krm_r
Value: 615|55
.aniview.com/ Name: 1_C_49
Value: 8452238319077029474
sync.aniview.com/ Name: 1_C_49
Value: 8452238319077029474
.openx.net/ Name: i
Value: ce5bf981-a00f-42ef-9c77-b96a92a979c8|1725415107
.aniview.com/ Name: 1_C_62
Value: de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
sync.aniview.com/ Name: 1_C_62
Value: de4b9a3f-9eaf-563e-8f4f-4d1dd0eb307f
.smartadserver.com/ Name: csync
Value: 22:6440552283931702919|104:M0N7LPTA-13-KP8J|127:AADRek7Nr34AAErCwcu_lA|133:7714fe86cb|139:0|150:0|154:3e3accd4-1e4b-4ff7-b64b-a7d64f42c9fc
.aniview.com/ Name: 1_C_215
Value: bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
sync.aniview.com/ Name: 1_C_215
Value: bbf69ffb-4403-4486-95c3-e67e1cb21a7b-66d7bebe-5553
.aniview.com/ Name: 1_C_55
Value: 3886628682223636672
sync.aniview.com/ Name: 1_C_55
Value: 3886628682223636672
.aniview.com/ Name: 1_C_20
Value: _loaK3NJFwWkDebwmFE_nF2rLMqTRYBt1Tgz4DZ4eJ8
sync.aniview.com/ Name: 1_C_20
Value: _loaK3NJFwWkDebwmFE_nF2rLMqTRYBt1Tgz4DZ4eJ8
.aniview.com/ Name: 1_C_105
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
sync.aniview.com/ Name: 1_C_105
Value: 5cee75f2-8ad8-417c-8f2b-3daba078ec7a
.aniview.com/ Name: 1_C_23
Value: 41755e72-01b9-4904-93c2-c49f72d86307
sync.aniview.com/ Name: 1_C_23
Value: 41755e72-01b9-4904-93c2-c49f72d86307
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: qfisorhjyyod4sw1xkaphjlo
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:924a66d7-bebf-4700-8777-14b1a9f2f7ec
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.aniview.com/ Name: 1_C_1
Value: 7A25AC93-1E74-489E-BD48-53BB2C0A1325
sync.aniview.com/ Name: 1_C_1
Value: 7A25AC93-1E74-489E-BD48-53BB2C0A1325
.rqtrk.eu/ Name: browser_id
Value: 1:b7eb010c-7527-46c0-96f5-aa59bd17fcbd
.file.io/ Name: _pubcid
Value: 07512acd-660a-458b-b7f6-2958618df650
.file.io/ Name: _pubcid_cst
Value: yyzLLLEsNg%3D%3D
.adkernel.com/ Name: SSPR_40
Value: aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9MjcmYnV5ZXJ1aWQ9QTUyMDczNDY1NzY5NTk0MDg0MTAmcj1DaWQxWVMwMk5EY3dabVEwTnkwME1EVXpMVE15WlRndE9EQXdNeTB6WWpNMk1qTTBaVFl4WWpVcWp3Rm9kSFJ3Y3pvdkwzTjVibU11WVc1cGRtbGxkeTVqYjIwdlkyOXZhMmxsYzNsdVkyVnVaSEJ2YVc1MFAyRjFhV1E5TmpjeU16RXhZV1l0WTJJNVpDMDBZbUU0TFdFMlpEVXRNbUl6WTJaaU9EWmtNbU00Sm1KcFpHUmxjbTVoYldVOU5USW1hMlY1UFhWaExUWTBOekJtWkRRM0xUUXdOVE10TXpKbE9DMDRNREF6TFROaU16WXlNelJsTmpGaU5USUNCaHM0QWc9PQ==
.adkernel.com/ Name: SSPZ
Value: 176971
.adkernel.com/ Name: DSP2F_40
Value: 649146
.adkernel.com/ Name: ADKUID
Value: A5207346576959408410
.adgrx.com/ Name: ADGRX_UID
Value: 2deaab8e-6a61-11ef-986c-d3fd14431a6d
io.narrative.io/ Name: io.narrative.guid.v2
Value: 2df026e0-6a61-11ef-9dab-00000a0dbcff
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: xeld4xzb44xezkolhlb0ojll
.ib.mookie1.com/ Name: ibkukiuno
Value: s=442a84da-1652-4d6f-8b15-f3b941636690&h=&v=0&l=-8584761917767518794&op=&hl=0&vlu=0&tcs=1&dcc=-8584761917767518794
.ib.mookie1.com/ Name: ibkukinet
Value: 2785070406=-8584761917767518794
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.iqzone.com/ Name: iq_u_key
Value: 72984e97-d4f0-47fe-b96a-7067601b418e
.iqzone.com/ Name: iq_r_key
Value: 277
.resetdigital.co/ Name: ckbk
Value: 000001579D61C6FA
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-2deaab8e-6a61-11ef-986c-d3fd14431a6d&KRTB&23275-2deaab8e-6a61-11ef-986c-d3fd14431a6d
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000001579D61C6FA&KRTB&23175-000001579D61C6FA
.pubmatic.com/ Name: SyncRTB4
Value: 1726272000%3A63%7C1730592000%3A69%7C1726617600%3A56_220_266_231_7_48_81_55_46_13_99_243_96_166_8_178_238_5_21_3_165_267_233_176_234_264_240_71_54_250_249_104_214_22%7C1726012800%3A15_38_2_223%7C1725840000%3A216%7C1726704000%3A268_35%7C1728000000%3A224
.ctnsnet.com/ Name: cid_841fb8548de24b8493da6b27cc12aa64
Value: 1
.richaudience.com/ Name: pdid
Value: b168db19-ef79-48bf-a951-1zz1725415062
.agkn.com/ Name: ab
Value: 0001%3Afyvco2%2BZFYfFKhTmIh%2FPDL%2BagLHd6K9j
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7787015091723482599P
.owneriq.net/ Name: pmc
Value: 1
.id5-sync.com/ Name: id5
Value: e7c6bed1-12bc-77de-b4a1-8b320b59360c#1725415102221#5
.onaudience.com/ Name: cookie
Value: 066a101f50c08646
.onaudience.com/ Name: done_redirects109
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 20
.pubmatic.com/ Name: DPSync4
Value: 1725494400%3A248_255%7C1726617600%3A226_262_256_245_260_228_263_259_235_219_197_201_236_261_258%7C1726012800%3A252_265_164_253%7C1726444800%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1725436709615
.rlcdn.com/ Name: rlas3
Value: r7RKTLyaV8lk7eMQhGT85v7OOA8GpaQuGtx/DD2HdaU=
.rlcdn.com/ Name: pxrc
Value: CMH93rYGEgUI6AcQABIFCOhHEAESBgi46wEQBA==
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-q8vL_dDsDrKV496Jxb7XZg&KRTB&23557-q8vL_dDsDrKV496Jxb7XZg&KRTB&23586-q8vL_dDsDrKV496Jxb7XZg
.pubmatic.com/ Name: PugT
Value: 1725415109
.yieldmo.com/ Name: yieldmo_id
Value: VRcYkccQmYcAi3lRTfqT%7C1725408000000%7C0
.fwmrm.net/ Name: _uid
Value: umo1d96_7410602575474309439
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo1d96_7410602575474309439
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo1d96_7410602575474309439
.rubiconproject.com/ Name: audit_p
Value: 1|CH1r8YlisqMGRkInA2LcBun01aX/uO9Pxj7VzgE0OA8Q1nTWsk2hDQ3dducRhq44jVajSj3OLhFBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPB7UadQfuHwjOuJZCeOpe4rDkc0Tp7lwo4EMGZ+kcTCRzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.rubiconproject.com/ Name: audit
Value: 1|CH1r8YlisqMGRkInA2LcBun01aX/uO9Pxj7VzgE0OA8Q1nTWsk2hDQ3dducRhq44jVajSj3OLhFBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPB7UadQfuHwjOuJZCeOpe4rDkc0Tp7lwo4EMGZ+kcTCRzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.bluekai.com/ Name: bku
Value: 5RW991SINtjueCWc
.bluekai.com/ Name: bkpa
Value: KJy9/9e4d02pSUHknp1p1Exhw0jojeNMBtPi1M5ARpJiBsHARpBC9yYSXxZU
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-VSe9RnJE2oOfBtqsvhJ9Pi_tUkhONylUQVfnsNPt~A
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNjQ0MDU1MjI4MzkzMTcwMjkxOSIsImV4cGlyZXMiOiIyMDI0LTA5LTE4VDAxOjU4OjI5LjEzNzczMzg4M1oifSwiaXgiOnsidWlkIjoiWnRlLnd0SE02RjBBQUVwTEFFUlkuQUFBXHUwMDI2NTQxIiwiZXhwaXJlcyI6IjIwMjQtMDktMThUMDE6NTg6MjcuNTcxNTQ2MjgzWiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIzNjg0MTY3MDI3MDQwNjA0MDAwVjEwIiwiZXhwaXJlcyI6IjIwMjQtMDktMThUMDE6NTg6MjcuMDI3NDA2MDgyWiJ9LCJvbmV0YWciOnsidWlkIjoiX2xvYUszTkpGd1drRGVid21GRV9uRjJyTE1xVFJZQnQxVGd6NERaNGVKOCIsImV4cGlyZXMiOiIyMDI0LTA5LTE4VDAxOjU4OjI5LjQyNDYwMjkwMloifSwib3BlbngiOnsidWlkIjoiMjQyOTQ5MTctYjAxNy00ZWYxLWFkMmQtYjE5Nzc3ZDU4OGI4IiwiZXhwaXJlcyI6IjIwMjQtMDktMThUMDE6NTg6MzAuNDU2OTczNzMyWiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiI3QTI1QUM5My0xRTc0LTQ4OUUtQkQ0OC01M0JCMkMwQTEzMjUiLCJleHBpcmVzIjoiMjAyNC0wOS0xOFQwMTo1ODozMC45MTg3MTA3MloifSwicnViaWNvbiI6eyJ1aWQiOiJNME43TFBUQS0xMy1LUDhKIiwiZXhwaXJlcyI6IjIwMjQtMDktMThUMDE6NTg6MzAuNjUzODU1NTE1WiJ9LCJzaGFyZXRocm91Z2giOnsidWlkIjoiMzBlZGRhMzAtNjI5NC00ZmRhLTgwYzAtYjQ2YzZmNDI4NzE4IiwiZXhwaXJlcyI6IjIwMjQtMDktMThUMDE6NTg6MjguMDk0MjgxMzMzWiJ9LCJzbWFydCI6eyJ1aWQiOiI4NDUyMjM4MzE5MDc3MDI5NDc0IiwiZXhwaXJlcyI6IjIwMjQtMDktMThUMDE6NTg6MjcuODQxODA0OTk4WiJ9LCJzb3ZybiI6eyJ1aWQiOiJKUmQyQUxaSGlidXNORDBOUWplTUVLOHoiLCJleHBpcmVzIjoiMjAyNC0wOS0xOFQwMTo1ODoyOS4yNzAzMDU1ODRaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMjA2NDAxNjgyMDQyMDk0MjczNjY5NiIsImV4cGlyZXMiOiIyMDI0LTA5LTE4VDAxOjU4OjI2LjA1NDcyMzgyNloifSwidHRkIjp7InVpZCI6Ijc3Yzc5MjQ4LWQ3NjUtNGRmZi1iMzk5LWQ1Y2JkMTYyODE4MSIsImV4cGlyZXMiOiIyMDI0LTA5LTE4VDAxOjU4OjI3LjQwMDIzNzk3MVoifSwidW5ydWx5Ijp7InVpZCI6Ik9QVE9VVCIsImV4cGlyZXMiOiIyMDI0LTA5LTE4VDAxOjU4OjI1LjgxNzUxMTE2MloifSwieWllbGRtbyI6eyJ1aWQiOiJWUmNZa2NjUW1ZY0FpM2xSVGZxVCIsImV4cGlyZXMiOiIyMDI0LTA5LTE4VDAxOjU4OjMwLjE1NDUzMTI0OFoifX0sImJkYXkiOiIyMDI0LTA5LTA0VDAxOjU4OjI1LjgxNzUwODg1OVoifQ==
.pubmatic.com/ Name: SPugT
Value: 1725415110
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AADRek7Nr34AAErCwcu_lA
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEPAxeDZna5pOfDGaYIorCTM
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwigooXr4qOmPRAFEhcKCHB1Ym1hdGljEgsIhq2Y8uKjpj0QBRIWCgdydWJpY29uEgsI4vCM-eKjpj0QBRIbCgxzaGFyZXRocm91Z2gSCwjA0_iD46OmPRAFGAEgASgCMgsIgNae7fmjpj0QBTgBWglzdGlja3lhZHNgAg..
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 77c79248-d765-4dff-b399-d5cbd1628181
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 3886628682223636672
.ads.stickyadstv.com/ Name: uid-bp-41396
Value: 2064016820420942736696
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: YtvIWxpk1SLFhU5

2 Console Messages

Source Level URL
Text
javascript error URL: https://www.file.io/z8Va/download/bdjrHZf7rqWN
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.file.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20806bddc7e79fec8ae1f3f389cda6c3.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
apps.sascdn.com
assets.quantcount.com
bcp.crwdcntrl.net
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
cadmus.script.ac
cdn-ima.33across.com
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
ce.lijit.com
ced-ns.sascdn.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
content.quantcount.com
content1.avplayer.com
cs.krushmedia.com
dis.criteo.com
eb2.3lift.com
eexsync.com
elb.the-ozone-project.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
exch.quantcount.com
feed.avplayer.com
file.io
fundingchoicesmessages.google.com
go1.aniview.com
gum.criteo.com
hb-api.omnitagjs.com
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
hb.yellowblue.io
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
onetag-sys.com
optimized-by.rubiconproject.com
p.ad.gt
p.cpx.to
pa.openx.net
pagead2.googlesyndication.com
pixel-ssn.quantcount.com
pixel-sync.sitescout.com
pixel.quantcount.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
play.aniview.com
player.aniview.com
player.avplayer.com
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
proton.ad.gt
pub.doubleverify.com
px.moatads.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s2s.aniview.com
script.4dex.io
sdk.streamrail.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
seg.ad.gt
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.a-mo.net
sync.aniview.com
sync.go.sonobi.com
sync.smartadserver.com
tags.crwdcntrl.net
td.doubleclick.net
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
track1.avplayer.com
track4.aniview.com
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
use1.smartadserver.com
visitor.omnitagjs.com
www.file.io
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www14.smartadserver.com
x.bidswitch.net
z.moatads.com
api.rlcdn.com
image8.pubmatic.com
pagead2.googlesyndication.com
100.21.171.219
104.18.34.190
108.138.106.70
108.138.106.8
108.138.128.46
108.139.30.15
125.253.89.182
125.253.89.184
141.95.33.120
142.250.80.34
142.251.40.102
147.28.146.89
151.101.193.194
151.101.65.108
151.101.67.42
162.19.138.117
172.240.45.70
172.240.45.75
172.240.45.76
172.240.45.78
172.240.45.81
172.64.152.89
18.238.49.74
18.238.80.14
18.67.63.125
192.184.68.254
195.244.31.11
198.148.27.131
2001:4860:4802:38::181
207.65.37.179
207.65.37.181
216.22.16.65
23.105.12.121
23.201.174.84
23.201.191.176
23.41.170.143
23.45.193.13
23.45.194.34
23.83.76.85
2600:141b:1c00:f::172c:c9c5
2600:141b:1c00:f::172c:c9cd
2600:141b:e800:59::1735:7e2f
2600:141b:e800:59::1735:7e44
2600:141b:e800:65::17d3:f199
2600:141b:e800:c8e::2c79
2600:9000:21dd:7e00:6:44e3:f8c0:93a1
2600:9000:2514:2800:c:492d:cd80:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:10::ac43:2483
2606:4700:20::681a:346
2606:4700:20::681a:9a9
2606:4700::6812:1691
2606:4700::6812:a7e0
2606:ae80:1471:16::820
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c1f::9c
2607:f8b0:4006:808::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:100:a00b::12
2620:100:a00b::4
2620:116:800b:21:c1e8:5385:5098:6bf0
3.214.166.47
3.225.218.10
3.233.60.12
3.83.106.164
34.102.146.192
34.111.113.62
34.120.111.33
34.197.151.115
34.206.91.202
34.255.52.148
34.36.214.49
34.36.216.150
34.95.69.49
34.96.70.87
34.98.64.218
35.211.202.130
35.244.193.51
35.71.131.137
44.215.220.115
45.55.107.24
50.57.31.206
51.222.39.184
52.208.192.13
52.223.22.214
52.4.195.213
52.46.155.104
52.85.61.84
54.149.167.136
54.224.103.108
54.242.143.54
54.92.251.231
63.251.28.210
63.251.28.211
67.202.105.23
68.67.161.182
68.67.179.153
69.173.146.5
69.194.240.13
74.119.117.16
74.119.117.17
8.2.110.134
8.28.7.83
80.77.87.108
003ebef3df0e3f053e8c9535b204beb9ed81b8d47dbad9d0551490c5ba754149
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0985bfbecbf2335ca5ce59ab853838676c42c3163268dea12cfe583560170bf0
0a491d1fe7b43a39c4f30af0ad22f827d724dc7b322c40e4c946b1e874f374bd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0cd4748cf8e133d8aa6e45d42b54e257b58ec498a3e073e1270e5636c72b7d
0d149c008bcc384ae910e9310813b95e57246629b3d1314a64230a3723fd004d
0e6793d503dab31054f9bd9fae79408db374713aa1b8524b678feb477e292b1e
0f5ab90936dc5f59822ea4131926f16dc85aede391185c179375ed024bb89083
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
10f11b81a495bb23b3255a7268b9e9f4defeadfd46674f1499f1733eea04ff1e
15423633a798d9076f73d7ea9a9fa674cf34b22eba5413a46975d21fd4a1b005
16dc6c08d1383ce96476fb0b651b79fbe89529d601bead76f00321c7d021104e
17712c90e8473e3a5c2f70a4399e79ba0687d7be77d3aa642870f27a1c13da94
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
1ed4b05ef16d0f397ce3004af611093fc12b26c09674e0bf5477ae5bb3ddd923
20553e7f44dc109faf7ac0040eacf17714daf514343d8c16c482d5171c58fba2
2175ad8124e9bcb46467b188eb1e2c04c911b791251e8354ff7d6dc344f4a2ba
251a5bd5791f55093af089db9a502cec41d52e96327db46ab3f37c5ea4da6088
252858d4a1efc7b1bf67aa25eae99ff7a596aaea10a9bc48436eae6e134f9bbe
26501a1ea54927eb684a57374525d72bb7112e5036a8f73dfb9890a34fb08871
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
3148b503996601811f2abcc09d7309d321d02d144c93243b4b914c00b36d87d7
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
336ccd7b9f1093eda6546c5df5eb4f30c853d3e7638ecefd5a764531a6105e42
33e9f0adac6b44db948aeadd9836d361bdecc88f5733ddc1f33963e354ea03d4
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
36095e3b157249af9b5f4999e86055407a3fbb584716af67a1048ad40b1331fe
387e2f8e327c810d7322f7e5c6222fb3e665a2c5446338e305286610de7b891b
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3caf6e2ff4321c6340f25bea12693166d40546eebadcb2851efeadb5319edc44
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3e4c8b87b68aee9b10fd98571c1bedebbdf71dc0a65b16be216637c1acfa9375
41cee572622e55c51a0229bd489312e2b9bcc0ac84d8001f4527d2cfc9700fb7
42a58cc226aa8778d96bbc7162faa7b99a06b0002242cb4a043940f9a6610470
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44323d73c0d3f099f1bddb8dc574b64105fcb41f3cfd281ce2f256f7f77a033f
46e410c7a3ad6a66fd08c9dcf26c9078783463ed4214e3dc53b8b7278b676bf1
47866b8d2915779096be19131efecce0297c2a0c37f581c4e6ee187b13ebb8ea
487d26c7404c0176f716a156618ce0eed6adb36ab8c1aa5e7e10da94696fcb8d
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a8b13e6362d8d67f40ed2efb7930b80728227450b066df8841abd62319a06df
4ad68c8b729e22717f327f8d8a5465366772f15b18a479115b0e71a450f790bd
4b21a45e681015a954968aba5df405351199c3f13ace96c36a8790ff35d9e729
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe
57892748a3d22553cb2439fc655fae8fe44ba147b54b5cdc039fb7c627a2052b
57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3
5d3ef363d405f0513eb1d33c9c13e8e92cbd595d0f9ead6ed1083df09ed30de7
5e0558e578dc1d36173b4b9e0963c81b981d9119cb7134c8f6345330b6d32797
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f79df94a2da38632fa6e3d13fa3c900e3a7ca9ae3faf44031ed31c4e330aee
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
62e078598c7c6f18e612a42a47e3daa3d56ee6825cf9ffcd1111f144b9b1a00a
69534709412d1f69a19748ec3b15e594798ece4dc3fca9b6c1160ef6ece63f92
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c98246d6bda80ba635b8619edd1df663882fcc3658249484e95f5211b4e84e3
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa
701007245642ada21053a40a2e7131c91c07b041115ea6aef9f0625c4fc9b151
716388ec3bf4fe9a906ba141ce8aa316571ce08f2a1c8258d0384e2e9400b177
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
71db7c122a50c94750063e0ea43ee1e3e8a94fa053874830629e94e838ce433d
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
80f0de18c39f3ef62517ef51570b4fc25733ffa0b6a5039b3b889a96ba39563d
828e1cdf922fffd511342710954b0d410d8cf47be5c20075e8cd428c158e5cf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
875fd006ba054d139a04ccd9be86e7fe4f92e954d4fbd1a22f44aff124c9ef15
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001
8a752caabdce61c93fd0cc514ee9d948299282d56f5f99810015c6066c5e3bad
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de31ca3b5ee96d5d48164452b055807187a319ea53ae568b75063c6348ecfe5
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93a57aba9610c7dbf929c7978f9529890c32c01982d90ae75c6445c9a3e0fa58
973e47e3e377f2987b43b9c16ff6c81490cbd21f21e84abd82a37b463fb9cbe0
98972c906daa578fa3236e39689f4fb09a725e2e5b0a6a48e619a69df4637da6
9aba6d6c4b562ad3a264f872dfb088c8bf79e0b7ebca08f5f57723730da549bd
9aff67207c751e2410d82062275cbbce494d88e6a054b36eeb65fea942b92244
9cbc1c74ab88d900ab8c11985f9188ffa5599cd2a3b76f091b6faefd9b46c75a
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9cf1907c7d26c6610ef9d65bdf860905719a9f3345cd19576fe5d4cdff07ee33
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a300e6d296109bf28f5655db0b3141fe871f6131ac61f2a43ba1a2cdcede160a
a4972ce9b3652c7819e16e56f0b167a86ccb6b64a99b415083c88b367eb83a3f
a8df4522c9f8214c337eea5851b04d3358cc2a063b249ada4d38657d75b724f4
a9d0a668bbfb705e317d51bfaabf290c28cca253877bc8ca0885af764860c945
aa27cc0acc7972917ced13c363d3e150fb5567a3e9ca019b2808655418029d0a
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b01c056279ffb81b719d26ba103dd44db712d8b6d64013e40505d1237cfa7867
b1fcc1c19ba2736a373cd125893141e4f1b082ab447929c6fe5093eaa9157b62
b2c9ac1f1ff16d83baeca8beebd02d4b5107446cf6723b2903ddd14dfd393ad1
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
bc3348e9126296879fb111eff421e7808072c6ae2c02da2aae1ec6ebeaf1849d
be1274185bc7a88a74588ef82af3d472ccdc2574282522325f687f37f58dd788
bfde1ec17e3065d6afb1e936c777877fc9fe4ef18952cce7d1bcb102c8b49f72
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510
c23e9b9353fe1775aed478f15b5ab0a78eece753216e43dc280cc6bbd271e735
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f
ca7b08492df49d4e36d3b00041504eb3dec6e42bde17ce870a7e925f6ea18a48
cc77dc77f2acb1d2781f3d6a45131816596a2f47f90eb52bbbda7ff6dc22697a
cd5d8c9b2c3bfcec4adc8dce616cc638b4954ce17132bd739c99c37a925066b0
cd940eeec14d380c284489a9fc93ab165a869049715053a69513268a8ebc901c
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d2df7e1bbe8dcc18b85e5abd2664d9b1d8503b3c1663d98bf6e1c7299a85ab58
d37e09a9d86650a49b5dc628252f6d2f8cdde7aaf663a360a26ab64dc8d3e5cf
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d7adbd038cda471b0a2f2419e19b3818c76641fa788d1bd780acc969bcc183c4
d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66
d9ce1e59fa839cbc702849022d291f296df21ef1c2a5ae7ca2904c7857d4999d
da2b7b94f372fe2c439510e8a882a85d7d6944a074a85c46c8deedc90c305791
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df78014a4fdc3adc02f4c42ee37db3f1b781225b48ec40631ad0bf2f00b9ae3d
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e0dd2eb2fd53d941dfbb4171c5f16cf0869dd730efe32db8b9f60fbd79826a54
e3866028ac748863d614b6132fdbea0dc53c58ef89bfb436c9b1e80a4fdb6709
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e411b8e6d885dadf7c6783703e33b74e4095c962d7edbf40b80ffc50368c5785
eb6811b7561d4143a9864a14d21706eef52be82e0131c52e636ad1bb8333cd58
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef70ac1bba6550ed4f4beeab8a20c96b4d4c23eca334d2cfe07f0331695dbad5
f109fb86a2063da780a15199ec713f0446549160684bc05c3ef6829652dd428d
f13889c4a07885cc26b0ccbf8e48fdc9cb36c5875bcd24bff2693c744e735948
f1600b2dedeb8ee46bd374971d925b70d2619f5b582cea2dade96ab765e4cf59
f39a86d7b95d2cacee1678eaa396b627745bd3f0cdf4a477e6f1ed8e80b7c5ad
f4803a33a08071933f4df3553a3be7fddc1caf0240c715f2ff4e0a27d466401d
f80bd049512b884446db797cc3c8193aa1eb91a1f1aaf59829a5c0a8a12eb1a1
f8d8f438390805aeaed8e0a2c45426fdf6967878ede5e1f54941af47985bfcec
ff94bc0f5742e3f43cc2c02e68b7ea19dd11efa1831099805beb16850cc04979