www.file.io Open in urlscan Pro
18.66.112.32  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://file.io/ HTTP 302
   https://www.file.io/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1

Request Chain 85

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1

Request Chain 86

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1

Request Chain 87

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D

Request Chain 88

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1

Request Chain 89

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1

Request Chain 90

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1

Request Chain 91

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D

Request Chain 92

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1

Request Chain 93

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1

Request Chain 94

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1

Request Chain 95

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D

Request Chain 119

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7333233203735645268

Request Chain 120

• https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
• https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 121

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nWyKubxE2uFoVzRkFGHTRw2RJtms_WDBssKzYEc-~A

Request Chain 123

• https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0b065b2c-b8a0-342c-838a-760431c51b64

Request Chain 125

• https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://sync.quantumdex.io/setuid?bidder=between&uid=9359b978-2c88-521d-a2d0-fa51c197ea0a

Request Chain 128

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 136

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENiMg6nhvJsJsiEu-A3vpj4&google_cver=1

Request Chain 137

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB&dcc=t

Request Chain 140

• https://ad.turn.com/r/cs?pid=21 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3293524998071827664

Request Chain 143

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y0cQWwABVfxeiAA1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0cQWwABVfxeiAA1&_test=Y0cQWwABVfxeiAA1

Request Chain 147

• https://c1.adform.net/serving/cookie/match?party=14&cid=7FAD1F41-9AB7-432A-8BEA-DE416CED9588 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FAD1F41-9AB7-432A-8BEA-DE416CED9588

Request Chain 148

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2172817844122876230

Request Chain 149

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4d236347-105b-4700-b408-14c60e70273e&gdpr=0&gdpr_consent=

Request Chain 151

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FAD1F41-9AB7-432A-8BEA-DE416CED9588&redir=true&gdpr=0&gdpr_consent= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FAD1F41-9AB7-432A-8BEA-DE416CED9588&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 153

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f60fQZq3QyqL6t5BbO2ViA%3D%3D HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 154

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddef6347-105a-4100-a95d-86a5d0e15dab

Request Chain 155

• https://pixel.onaudience.com/?partner=214&mapped=7FAD1F41-9AB7-432A-8BEA-DE416CED9588 HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
• https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e53c04dc6d58cc22540569fc8d9687cc&gdpr=1 HTTP 302
• https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6700b78c6f9f83f7/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=6700b78c6f9f83f7/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
• https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
• https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP 302
• https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=933f38b33edf086c

Request Chain 156

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZBRDFGNDEtOUFCNy00MzJBLThCRUEtREU0MTZDRUQ5NTg4&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 157

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAmhgTmUaUxsJvi-eKPwo3I&google_cver=1

Request Chain 159

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3839348173923142669

Request Chain 161

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7333233203735645268&gdpr=0&gdpr_consent=

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.file.io/ Redirect Chain http://file.io/ https://www.file.io/	410 KB 104 KB	113ms 44ms	Document text/html	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d2877ef8b75491c6c4ab131df0d4108582c0621cc1b15ca414e695458df01ed6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 86347 cache-control public, max-age=0, s-maxage=86400 content-encoding br content-type text/html date Tue, 11 Oct 2022 19:07:55 GMT etag W/"253b1d7f17705eef176f95a03d35686b" last-modified Fri, 07 Oct 2022 19:04:16 GMT server AmazonS3 vary Accept-Encoding via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-cf-id UUgiMaroq1r0dZAjCP-rVh-_hUFEBaNxqn3UZMiMJylaj-7YtDQM_g== x-amz-cf-pop FRA56-P5 x-amz-id-2 Hqmhpw7mIZEJdqJZynabI3MHG4iXXQ/SfDR8gKvv6HCcInp0PZOMTArgmRUaZDF1h8QWuEpoElw= x-amz-request-id 1S9E5BVRMK9V6J62 x-cache Hit from cloudfront Redirect headers Access-Control-Allow-Headers Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with Access-Control-Allow-Methods GET,HEAD,POST,PUT,PATCH,DELETE Access-Control-Allow-Origin * Access-Control-Expose-Headers X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset Connection keep-alive Content-Length 82 Content-Type text/html; charset=utf-8 Date Wed, 12 Oct 2022 19:07:02 GMT Location https://www.file.io Retry-After 1 Vary Accept X-RateLimit-Limit 1 X-RateLimit-Remaining 7 X-RateLimit-Reset 2022-10-12T19:07:03.472Z
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	77ms 23ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 12 Oct 2022 19:01:59 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 303 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Wed, 12 Oct 2022 21:01:59 GMT
GET H2	200	app-438588750f6b6905c6ff.js Show response www.file.io/	638 KB 155 KB	45ms 45ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/app-438588750f6b6905c6ff.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 3bfbb8f42b3e79f5e8093d4459dbc75d1c9cb481c5c13c31b34ffc1890f0b787 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:15 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:55 GMT server AmazonS3 x-amz-request-id 93VYD1VMZHXW0WX4 x-amz-cf-pop FRA56-P5 etag W/"bf53dfdd7a2d5df4ce50d7ce51826663" age 432108 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id kIpKFEHataXIP07AUKipuVr-YKTDMoSvryqumyLds682qcJ0TKbDoA== x-amz-id-2 iTDX+p7wchjZUvmAYFnDY4Zpp4CMXkuKMo1YXwIXTy5de8e8PkQ2qTaI8XMSCKiqeMSIosSMxQQ=
GET H2	200	0eceb729-761e2b4090024f08e2ca.js Show response www.file.io/	12 KB 2 KB	42ms 41ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/0eceb729-761e2b4090024f08e2ca.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:15 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:51 GMT server AmazonS3 x-amz-request-id 93VQQR6HBVKTDEE7 x-amz-cf-pop FRA56-P5 etag W/"d8fa3e295945b4065c7adabadd2be99b" age 432108 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id tLDnoDmm4wZDgc6YdEv6HEv2k1IuQVBMhi_ncNqus69HkX7ry6kI6A== x-amz-id-2 4LtTm/mI4xlXqUqWgWamr3tnLLj93/hSaIHWzg0/MgvPxrtg5tWZNkc6QVabkYGBmSv1uvQBP/8=
GET H2	200	d6a9949e-4e9c210da2d83a376ddb.js Show response www.file.io/	51 KB 6 KB	39ms 39ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:15 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:59 GMT server AmazonS3 x-amz-request-id 93VV5WQDYDMY0D1J x-amz-cf-pop FRA56-P5 etag W/"2feda6389a53a29ad5102ef7918752f6" age 432108 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id B0I4KLhIUqjihuGdwYiLcoZ1tPf8MrKP_3anLyNJL8U6zSza4DlErg== x-amz-id-2 imI9OyWG1YkpMuyXByYbRlmKW9l3ldQGFfyt+0gNcxpHxfMKy7ih8WpHkSIwNGIKtUZ77z7c7p0=
GET H2	200	e82996df-3c73e38611643c5bb219.js Show response www.file.io/	50 KB 14 KB	52ms 51ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/e82996df-3c73e38611643c5bb219.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:15 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:59 GMT server AmazonS3 x-amz-request-id 93VNCYTS5G3RSC4Y x-amz-cf-pop FRA56-P5 etag W/"785aafc2bda0f767992456b4ba1b0627" age 432108 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id DdNKmTkazD6J1jAy0rM-UrzZD_pferPbIf6d3nVGakIaE0JrvRRVmg== x-amz-id-2 Z4KTHLOdIfxW9oy0xxm8fqfufkZH3i/zmGV/thgqc7Be5PZ4u3WKobaDm/QKs0zKEfltlmXTX5g=
GET H2	200	framework-8fce40ee519418a713c9.js Show response www.file.io/	145 KB 42 KB	66ms 66ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/framework-8fce40ee519418a713c9.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:15 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:12:01 GMT server AmazonS3 x-amz-request-id 93VYZSXM7SB6CRB0 x-amz-cf-pop FRA56-P5 etag W/"c4a5f7717ceee6ea81514ff62873ada9" age 432108 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id j8Ph0uxxLCBYbfU4ijabxxQEU8KlwQFnMHrp5N7643YIIf6ATmxuLg== x-amz-id-2 qDYWxug9i7rQy8DhI/0za5358evA4303m45SCvjsH3f3EbMbZ8xXVo9dfCbXAPtaNu/7Rq7pC+s=
GET H2	200	webpack-runtime-f6c26923e3a14848d143.js Show response www.file.io/	9 KB 4 KB	41ms 40ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 084682110cdc14643c1eae4c8983039a3a3442e520574fc9c4cfa050519e84f9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:15 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Fri, 07 Oct 2022 19:04:18 GMT server AmazonS3 x-amz-request-id 93VTVHVNN50H7ZXK x-amz-cf-pop FRA56-P5 etag W/"d8e3b4d78013b23f355c7e4f57f4e5f9" age 432108 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id offnP19JDbAhKkroXoRRiUQub-qZN8Zer-kaFLJV3WfCXkc3UOT7Cg== x-amz-id-2 5ur5E2FQrb+xgLD7E0L/c+29wos6Y3vxzsfazAHF2qsgT1B+S4HCDXIvLZTMCGP0ruKwI1FT4ls=
GET H2	200	app-data.json Show response www.file.io/page-data/	50 B 540 B	37ms 37ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/app-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 5ac824101a705cb884a21edde881278338c57c72bc3448bdcf31639a1b3d5516 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:10:55 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id QFWD8WSGHD5ASBBY x-amz-cf-pop FRA56-P5 age 86168 x-cache Hit from cloudfront content-length 50 x-amz-id-2 HUO++ByJZvC9q13AU7NzPKSb6qmXv7EZxR+HOwLOlQ8px2tcrIfnZeORSXxUch4YyGD+d4JAjFE= last-modified Fri, 07 Oct 2022 19:04:17 GMT server AmazonS3 etag "44bf952cfbd5a8dbc604d2b7a4bec79c" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id o1duVSjx7VUgSQXzxEN_ioFnLSXTYNFfMgTh5NxaxJm8mNiiqR9WNA==
GET H2	200	page-data.json Show response www.file.io/page-data/index/	142 B 627 B	36ms 36ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/index/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 74c145c786d91070055b7dbb15449cb26fea942f6af265ef4aaaaca0758f024a Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:35:06 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id KME5F152YJY9GY62 x-amz-cf-pop FRA56-P5 age 84717 x-cache Hit from cloudfront content-length 142 x-amz-id-2 qDDkG6aphE8XeeC1SXRAhkZK+H0vbmtrrNde/KvAmc4ahk+YiLyF9e7QVEyMd4nyRl5CPZcw3uI= last-modified Thu, 06 Oct 2022 17:12:03 GMT server AmazonS3 etag "296469106a3781916eca896cd4626af5" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id LEvQ2HOnN91upYzBqxTmEjsw7AS9snuwqGg4XhPZGoFLtrW3BRtNjw==
GET H2	200	cb1608f2-c3c6ab3068acdccdccc5.js Show response www.file.io/	18 KB 7 KB	44ms 43ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/cb1608f2-c3c6ab3068acdccdccc5.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash fb26ba7d6c1e90849f333847be322f55b4de508d294467d7c8a7f1cd70d366f0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:16 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:56 GMT server AmazonS3 x-amz-request-id 2K2RKQ06S86QWV7X x-amz-cf-pop FRA56-P5 etag W/"be2740357851b35d3b50ac372bdc1864" age 432107 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id oRPvdKJpSomROiBqlCGNmbe6GPo7Xp5euH429Yb3_LV0nw0RtVbm4A== x-amz-id-2 erwaBptD/HtachrcLdZ84OBbIGtldhi4FqAk6poTLZWVWU0IPFWHnUbZB/qGS1/W4cHlkZKYs+A=
GET H2	200	a9a7754c-f1b5f9c5144f62adc766.js Show response www.file.io/	4 KB 2 KB	38ms 38ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:16 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:53 GMT server AmazonS3 x-amz-request-id 2K2Y0GH0PQQG89BB x-amz-cf-pop FRA56-P5 etag W/"4ae04cdf11989fa265bb8cc9b598298f" age 432107 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id 12Ovyax56gnymSA4ctgi12eG8q7vF52UeYKcSUSvI0fEh-4vetQCvg== x-amz-id-2 jzCmUUAIsmPVT03C/lMKEmvH9fKRf0crsJ2pl0uJdsP2aXYrThsX2fOujsANQipmoBpT4AGuVe8=
GET H2	200	381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js Show response www.file.io/	117 KB 66 KB	42ms 41ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 94a057fa3a8cb5ddac308191c23926e496ed8874cc71e6640806a09760e6732a Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:16 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:52 GMT server AmazonS3 x-amz-request-id 2K2NT4T7QT7T6YE5 x-amz-cf-pop FRA56-P5 etag W/"d7b6ca59f2fccbba3f62d8b48c85f4ab" age 432107 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id AFFyPOb2KrkwJSJ7BlQTPz6RUJ_zalnvtnkHDTJR8QKKAHdec75hpw== x-amz-id-2 kXu19Ury0WnfiaOHFThdRWplFjUgg1ouWpZ67sksyTFZSs5Q70pQFi5QhSBZJmNdW5iGB7SLfZk=
GET H2	200	a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js Show response www.file.io/	21 KB 9 KB	170ms 168ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:16 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:53 GMT server AmazonS3 x-amz-request-id 2K2G376Z8YH2Z1MQ x-amz-cf-pop FRA56-P5 etag W/"2b921aab089ea83ec7bb825f970e0b68" age 432108 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id _EU38TTlXNZ8wMt6zhU6-Ldhws-XbP2IC2acAISUY8ha1SGlC5JFKw== x-amz-id-2 +cY7QiF6uYizmAbxMBYugKIQq28LUHMisc+/MBX26UUxa0TAqllxY07oW+tVLOkR9rxdoCtDs30=
GET H2	200	6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js Show response www.file.io/	24 KB 8 KB	38ms 36ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 15a6c1f335e08bfbef5ddca3572088dfa897eaa5a7c020885e33a73e769e2833 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:16 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:52 GMT server AmazonS3 x-amz-request-id 2K2QFFHH39AB5CZ8 x-amz-cf-pop FRA56-P5 etag W/"28a08914b667bd7d6c376d859bef83e6" age 432107 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id znhYrL9NgMdioQ8Ybk4_sMrfqjnSnioQULJGqeMV17YuX3FXvwXz5w== x-amz-id-2 njuwfEUaLS/a9qjpQQZo32GNZ50bIhjJ4b7p6hUafi03+jTjspTuD33vRolbwf/D1BHZdY6F80M=
GET H2	200	113382e39e0094637e6c370a1afdf6378943c0d9-450045684b75827b8372.js Show response www.file.io/	33 KB 11 KB	43ms 42ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/113382e39e0094637e6c370a1afdf6378943c0d9-450045684b75827b8372.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d044ee74f8fa3db2665169beb777c84298dfcf3576597e286173ba1c77981eb7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:26 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:51 GMT server AmazonS3 x-amz-request-id 79PHAMMWC9VJTFFD x-amz-cf-pop FRA56-P5 etag W/"2b80969bb40c4349478b01d10f1143de" age 432097 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id CGG60Ip8s0By63_D1gna-RDgNiwU7pGKGuJRs31fftzXOtGFzBRt6g== x-amz-id-2 QXDrSwFRyWZHvoJBlzxSXdoPXTZz1rkT8OR5vgQbwOC1Ub7Wvv//OSHQYjj7vrH3h8VcHNCYbkA=
GET H2	200	5964903858f8beed589c20c7b2b6be9e8ad2d202-93820d2402a8e0c48146.js Show response www.file.io/	15 KB 5 KB	38ms 37ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/5964903858f8beed589c20c7b2b6be9e8ad2d202-93820d2402a8e0c48146.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1febd05863543deec054ba709e090a74a7e17cccad0cc4c18a3d9aa42be2de29 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:26 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:52 GMT server AmazonS3 x-amz-request-id 79PHMK907Q5TJ1HB x-amz-cf-pop FRA56-P5 etag W/"a5b5aa5040f05ebd1b6880bfd2f6bc65" age 432097 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id kTF6FSqDyWmoOzl8eI_NE-9jQy2d1ZJHx7PizlIjWdz6CLclmEiJbg== x-amz-id-2 e1MMP+NTXv8qdm8tr+VUBVoGPYvxvIUHOSe7Hxq01eMZqogA8EphMvTQ4oWr0pKL+ke6PC2N9is=
GET H2	200	7945792da56c3b3a1d41545388fa0f1a82bb20d6-62e953e2c8e505992a10.js Show response www.file.io/	5 KB 2 KB	39ms 38ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/7945792da56c3b3a1d41545388fa0f1a82bb20d6-62e953e2c8e505992a10.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1973c59776e5bbd8b11fa3fab9b12ba5ab1fb670a71e7768ae54d43d79c0e92f Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:26 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:53 GMT server AmazonS3 x-amz-request-id 79PXVW6Z75T7WEF7 x-amz-cf-pop FRA56-P5 etag W/"c47f7fbac72308f4a775faf72c61a12f" age 432097 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id wklBwN5gQaou3lH5sM7D1idV5xaEkjYB49stAn3kyh_2yOzsL3cUcw== x-amz-id-2 o7enX8pQy2OJYnuXNIwWDJNEYICd7G1Ywv0uygsUh69DUsXyjgZr1YO/sDuSrmPMCO0dhGE7xcA=
GET H2	200	e98b170d240584cc273f592e36a9137245db2ee9-b0d13a719c02dd99760c.js Show response www.file.io/	66 KB 20 KB	46ms 45ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/e98b170d240584cc273f592e36a9137245db2ee9-b0d13a719c02dd99760c.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e04e61ae110343f43400272c28ea5f0d979a2b9b5ee35b58b34e36967ce90e4a Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:16 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Fri, 07 Oct 2022 18:58:55 GMT server AmazonS3 x-amz-request-id 2K2V76QHA3Y6FKBN x-amz-cf-pop FRA56-P5 etag W/"702b85aed5ba698f64544706b6b1a9d9" age 432107 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id sNigu3HIrVWZbAIuigbMjz_-_XHrgIhzIARCfE32JM1B1J-G8wlTdQ== x-amz-id-2 gmodTncYoUiRFmZrc4F9RBlwl03UISaYW4xVWe0o9qRFUyBKIzn1RolAjrfP2nR4FsM7yv3tEXpxiiJOQV9TCA==
GET H2	200	component---src-pages-index-js-f2df336e7aa984bb0da3.js Show response www.file.io/	48 KB 16 KB	40ms 39ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/component---src-pages-index-js-f2df336e7aa984bb0da3.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 73223b29ef8f9997f60ee62fc27ab501a9fd59db27f8f180ad726071cd659b14 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:26 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:58 GMT server AmazonS3 x-amz-request-id 79PPND6K1N70Y8QH x-amz-cf-pop FRA56-P5 etag W/"02c1c144572d02a2c86bdc62c65be517" age 432097 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id bHKLGkYQG6UXl_M87NssQrT98P3tltD1MuhvjbM-PB3FXRtq6MSWZw== x-amz-id-2 3I7FV76HXM38ONI4Uvvy4HNmURmZzR77eCF4vEWINFmz9OEaosoZSER97NJmfDImZuQf853kp34=
GET H2	200	1655680770.json Show response www.file.io/page-data/sq/d/	447 B 933 B	40ms 39ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/sq/d/1655680770.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:10:56 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id MP8S8EX6R0E7YGQK x-amz-cf-pop FRA56-P5 age 86167 x-cache Hit from cloudfront content-length 447 x-amz-id-2 oN5ugFJRTSf/snig/4zSrZQ51RlMM+Qp/91KO9QK8Yg0pwUCJUA7i9OR2TxZLjxZxCP0XuTE31M= last-modified Fri, 07 Oct 2022 18:58:57 GMT server AmazonS3 etag "c839c57483bd5d788408e7fc88e7cc8d" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id YzVrO9d26ZMFKNWNVDX4Mh_e0m51l7Jy0ku1DSkdPIso268rhLbcvQ==
GET H2	200	1810866655.json Show response www.file.io/page-data/sq/d/	2 KB 855 B	460ms 460ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/sq/d/1810866655.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:04 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:12:04 GMT server AmazonS3 x-amz-request-id 2K2RP7B42DNG7KKQ x-amz-cf-pop FRA56-P5 etag W/"7bb0144e136507cd9bfbaceb72189d09" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/json cache-control public, max-age=0, s-maxage=86400 x-amz-cf-id UWxOAxpwGfnjJtqQScjgUZJzEaGe8C9OnM4rF0NnMadgD6Y1n9pi-Q== x-amz-id-2 ZxRfQc9ZxmvRH9QfrSSCFDzsHE1Z9HR8Bp/gDtPrVeP5go1v65td79XFSpa5ugjpAJW7n7oXzrw=
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 28 KB	100ms 33ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.file.io URL: https://www.file.io/7945792da56c3b3a1d41545388fa0f1a82bb20d6-62e953e2c8e505992a10.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f64df44e16a322d558504a384c7b11b9b30f5c6fe0bb6a2e7bad84f491f99f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27763 x-xss-protection 0 server sffe etag "1362 / 117 of 1000 / last-modified: 1665599564" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 12 Oct 2022 19:07:03 GMT
GET H2	200	prebid7.18.0.js Show response www.file.io/scripts/	163 KB 48 KB	39ms 39ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/scripts/prebid7.18.0.js Requested by Host: www.file.io URL: https://www.file.io/7945792da56c3b3a1d41545388fa0f1a82bb20d6-62e953e2c8e505992a10.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:27 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Fri, 07 Oct 2022 19:04:18 GMT server AmazonS3 x-amz-request-id E5N5GHMW49CMWJTV x-amz-cf-pop FRA56-P5 etag W/"c488e1001b33af7893c3558f28b0fac8" age 432097 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id _Pqi2BtUpfokX6bkK4vRbuOg7iQFmrACS4w2CLjzYhmIQmMveNLabw== x-amz-id-2 C223G5ckfk8C/y0EXpaiOAh+YExjLfCaS3J/fp0rwb1a9vNeBcTOGUFGAjd/+fOiLg8Ash1RWoQ=
GET H2	200	ads-halfpagearray-ad-0023c3ac6002812fc33f.js Show response www.file.io/	5 KB 2 KB	51ms 50ms	Script application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/ads-halfpagearray-ad-0023c3ac6002812fc33f.js Requested by Host: www.file.io URL: https://www.file.io/webpack-runtime-f6c26923e3a14848d143.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a7ec736f1ac00f5a892793c21f1f3b65335663484d642d08d6df6dfe7cb5bc3b Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:26 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Fri, 07 Oct 2022 19:04:14 GMT server AmazonS3 x-amz-request-id 79PTH8Z6KJ00WF00 x-amz-cf-pop FRA56-P5 etag W/"e71e887e267042f805809e8bea8d54c2" age 432097 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id abmev22QzcUsg5ZqoiseQu0y1uCA9cNd5dpOnNbzkuySdmHmk4r7IA== x-amz-id-2 UTPCXQfpBHTQK9KIWkNHWGrXQx7H1arUV2M7HUuJa9JeVo9vF6t4/UrMOVg+2Bl+kE2CP3b7nqs=
GET H2	200	Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2 www.file.io/static/	317 KB 318 KB	41ms 40ms	Font font/woff2	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8 Request headers Referer https://www.file.io/ Origin https://www.file.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:08:49 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:12:06 GMT server AmazonS3 x-amz-request-id 15F29QWSXCX0872M x-amz-cf-pop FRA56-P5 etag "8dd26c3dd0125fb16ce19b8f5e8273fb" age 431895 x-cache Hit from cloudfront content-type font/woff2 cache-control public, max-age=31536000 accept-ranges bytes content-length 324864 x-amz-id-2 plMqLxgD3VC+9Xbay3uxXDTnQytJ1lF5JVlugvXUYfj2+DwMlNeFdAP7xa/UsC0gCwTxfblfaBA= x-amz-cf-id WNKmLQwoNV3LZb1u4dtI-5zeAu7miU4TVZOJkBYnm97sUJRnGDo9dQ==
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 206 B	30ms 29ms	XHR text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=45237458&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2F&dp=%2F&ul=en-us&de=UTF-8&dt=file.io%20-%20Super%20simple%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1232061058&gjid=579258834&cid=1822218189.1665601623&tid=UA-65658019-1&_gid=116757736.1665601623&_r=1&_slc=1&z=2046271009 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.file.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.file.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 436 B	86ms 29ms	XHR text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=1822218189.1665601623&jid=1232061058&gjid=579258834&_gid=116757736.1665601623&_u=aEBAAEAAAAAAACAAI~&z=524062185 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.file.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 12 Oct 2022 19:07:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.file.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_2022100502.js Show response securepubads.g.doubleclick.net/gpt/	380 KB 129 KB	103ms 22ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a1ef6235ec7b883c904136a8bdc4b9e505f4a9508baf410b9817ab806f34bce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 17:16:34 GMT content-encoding gzip x-content-type-options nosniff age 6629 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131298 x-xss-protection 0 last-modified Wed, 12 Oct 2022 15:51:15 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 12 Oct 2023 17:16:34 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	65 B 707 B	111ms 32ms	XHR application/json	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ff8085ad02fa11d476c2329de7ee3df744e70655075a378a95b6a1e1278083b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:03 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 71 x-xss-protection 0 expires Wed, 12 Oct 2022 19:07:03 GMT
POST H2	204	pbjs Show response useast.quantumdex.io/auction/	0 261 B	199ms 145ms	XHR text/plain	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/pbjs Requested by Host: www.file.io URL: https://www.file.io/scripts/prebid7.18.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.file.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.file.io date Wed, 12 Oct 2022 19:07:03 GMT access-control-allow-credentials true cf-cache-status DYNAMIC server cloudflare cf-ray 75921dc36e7f926d-FRA access-control-allow-methods POST, GET
POST H/1.1	200 OK	hb.php Show response bid.glass/ad/	19 B 317 B	325ms 109ms	XHR application/json	64.20.35.44 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://bid.glass/ad/hb.php?src=prebid_prebid_7.18.0 Requested by Host: www.file.io URL: https://www.file.io/scripts/prebid7.18.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.20.35.44 , United States, ASN19318 (IS-AS-1, US), Reverse DNS bid.glass Software Apache / Resource Hash 6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3 Request headers Referer https://www.file.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Content-Type text/plain Response headers Date Wed, 12 Oct 2022 19:07:03 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=1, max=100
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	87ms 34ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.file.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:03 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	84ms 31ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.file.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:03 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	210 KB 60 KB	1065ms 1001ms	XHR text/plain	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2302796485062778&correlator=2483572514945313&eid=31070044%2C31070166%2C31068921&output=ldjh&gdfp_req=1&vrg=2022100502&ptt=17&impl=fifs&iu_parts=22175459031%2Cfileio-halfpage-gallery-1%2Cfileio-halfpage-gallery-2%2Cfileio-halfpage-gallery-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x600%2C300x600%2C300x600&ifi=1&adks=2093335146%2C3306312227%2C2065559030&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1665601623862&lmt=1665169456&dlt=1665601622651&idt=1033&adxs=393%2C806%2C1219&adys=328%2C328%2C328&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2F&frm=20&vis=1&psz=413x600%7C413x600%7C413x600&msz=300x600%7C300x600%7C300x600&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1822218189.1665601623&ga_sid=1665601624&ga_hid=45237458&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6876147bc6f5b2bcc41ced92803116ac9600c43075aec2e4b6e7ac41c0cc61c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61721 x-xss-protection 0 google-lineitem-id -1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.file.io cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 12 KB	94ms 45ms	XHR application/json	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100502&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b51f2f1db0642c83147fb182c105c3a97dd9f1def640e14426a3d0728934f507 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:03 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11334 x-xss-protection 0
GET H2	200	container.html Show response ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C94A	6 KB 4 KB	113ms 32ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.file.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:03 GMT expires Thu, 12 Oct 2023 19:07:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	83ms 33ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 12 Oct 2022 19:07:04 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4EC8	13 KB 5 KB	71ms 23ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.file.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2106 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 18:31:58 GMT expires Thu, 12 Oct 2023 18:31:58 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame C7EF	783 B 1 KB	84ms 32ms	Document text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6de9eb7253385d361e091ae5933ec0bb6af192b50210f1cb9b7a41c90d8e12af Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-MUTgVHb0332-8JutP0alZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.file.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-MUTgVHb0332-8JutP0alZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:04 GMT expires Wed, 12 Oct 2022 19:07:04 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Show response pagead2.googlesyndication.com/bg/ Frame 4EC8	36 KB 16 KB	70ms 24ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 11:42:26 GMT content-encoding gzip x-content-type-options nosniff age 458678 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15993 x-xss-protection 0 last-modified Mon, 03 Oct 2022 10:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Oct 2023 11:42:26 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame C7EF	0 0	93ms 58ms	Image text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100502&jk=2302796485062778&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 4EC8	0 10 B	22ms 22ms	Image text/plain	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?MK8wbQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:04 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	61ms 60ms	Image text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100502&jk=2302796485062778&bg=!Hh2lHVnNAAYqRg79CkY7ACkAdvg8Wgq8-q97cxHMWPG_V5sZJSZkdhqRV_3mQ5tfz-ebtbfFQSfErgIAAABTUgAAAAloAQeZAqzB1lVbN3873-6-cCZ1dUxG6dCI8WE3mUjdWRo3fzvWzS-n1cIB_PvLtvjq05dc3ZdhTbRHV8m0kPHHa9FPSgmvub1Qr40TNWAKcK7T6DZ5qesO9L4Mf2A4Vvc9d6thcADfxSjRC3UKZOdYDC3zG-ZcefvWW1AaApK-tSeRqk7Wx2osTaIlMNtmVsBxQSWvPLbmeD6TMV7SN-pkCBj9_9tJ5SFhuTGfjesbZTD5KQmWR7gpAnRDVP4ZQ_NAZZ7Q6JeozZVF0vH3H3QIF_RBLyu6daI9vlbkimFOYS1wAXU4Ca-81ZuIi9lAPPbfLIRJHb8EFrvKlVaKR9UYcYXS5RxAbwAftJEoC4lNcFu4LoovZnZMi7rByktYhDendD5Rum9zb89NJSdJ9t80Qan4_HI79-Yv6WvMo8JIKesV-OtJVUu2MvLxE49iH8HIy7_Jeztq3SV8SqDjW_vN-6cEDwbvgHtTWLo8gV_FExQdPT30pLV6Co6Eade1eUMsZ_ZReDp_K4Z-sVljFUtnxZgxwKkWFUo3UIpBdpt20eicNLCAyXpO_oVYOMg8a0l2BM6KuIXUPu6lVfmNJiSi7nHaA5sPsTtfdwZG8RYEN9boaLjRX_4BH96MERD_P41MM3qXmfymBKLt7UnrFaDK_GGQK7EJXX8TLdr3cPr3dyZz8uqQBC3wZ8I9juRwmqiDRZicH9Udr5eb4o5tmtc_UEj52MYfzOuXcdqloSyFr8f4gmZA1hbehmUq_2hreRKzoipybRD_FVwi3Ni9w11_8DehnOIyR2yN5vn4NhdJXHmErZYhGMS2WHOHTg6vRlIBUptXT_cJ-nkX5gFXMVU0g3MC1tJodF4607Qiv-TFnwLERyjdyrbp-IKt_colNaE01_hXbYU6h56s7wfxUkpB0og Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers
GET H3	200	container.html Show response ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E33	6 KB 3 KB	76ms 29ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.file.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:03 GMT expires Thu, 12 Oct 2023 19:07:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5577	6 KB 3 KB	68ms 24ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.file.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:03 GMT expires Thu, 12 Oct 2023 19:07:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66C6	6 KB 3 KB	67ms 28ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js?cb=31070166 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.file.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:03 GMT expires Thu, 12 Oct 2023 19:07:03 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame E583	624 B 560 B	86ms 34ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNV57OkL-X04Z0eRDnsEnLOnl99a8eHzsAl8s4uJgreHrJWEbeJT9nZjTKjYbJYfv4Z3GfVSVEJMJjR4KJV_K8DwhIex4IRM8_ZORYhG7sFqBM5o0K2VSE2N6sk-vhGOtwR-syzuO4aBj8PPYzQ3fHQkKiUp0Vuvxl76EZX6cWx5_qpCsgw Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:05 GMT expires Wed, 12 Oct 2022 19:07:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 5577	23 KB 9 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 01:16:50 GMT content-encoding gzip x-content-type-options nosniff age 64215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9578 x-xss-protection 0 server cafe etag 2674910403068493586 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 01:16:50 GMT
GET H2	200	12261440130089504030 s0.2mdn.net/simgad/ Frame 5577	114 KB 115 KB	88ms 23ms	Image image/gif	2a00:1450:4001:829::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/12261440130089504030 Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 012eeab8ce7288fa9fb46b656263a81ec4c9126d709610086d9a74a7609f329a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 12:17:46 GMT x-content-type-options nosniff age 24559 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 116830 x-xss-protection 0 last-modified Wed, 28 Sep 2022 15:08:17 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 12 Oct 2023 12:17:46 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/ Frame 5577	6 KB 3 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 01:16:50 GMT content-encoding gzip x-content-type-options nosniff age 64215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2640 x-xss-protection 0 server cafe etag 2603454828624189567 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 01:16:50 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 5577	0 622 B	135ms 67ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0Hf_4cpt1j9GCClsm-ng_hmsRvfx9etklBqRH1jt2sYMEHnHSLxD08Qq4fb0vb4pM1bp3ED0zXv3CJNnxDBZeNMT7F3JElmzhTFGsKRSV3VjEa2zSaiBtaO9BMbdqI4K4RkPEr4UrhjnGHn4gnBTolQrQfc-KaUgb2lnqTi_nVCTrGTQkb8Jt3rTLOVhe-zAhjqjEyUS5L3yYO1cQ29UmRiQn-2qVHniNoCJEGwH2FOtgdyT0ITKtKuzYF3PKCvy7qS07ivUYRFM0NmymMU7v1JhrbeYM3tw6DoV5H6iJC_9QCP1ZTf0k76zqHEj31D3AcnOhsZbDvjhw5j98JbEDotFUpUvq7gEo7kgw_aAlFjfOzSHRJ9kwQL5YEyEamgDl04i_eK3nTCeiEDLK0hd9gnO5lxNe7g1XZPUxcDxZvRiQNI88mYR3xsieDMewWqaqypXhg78xnV9_E6nSz5cOM4bl8pOpusbo0evxGTVOVNx3eodoYFZ8y_C9JzLnd7ikmUa3TSm-8WtoVNXdd5VtnpOFL175PaOWdA9Po6qEUTEmYTf3xIFsbe0Mi_pjP6O6p4rakOczMgXlOWhw6Z6xKUPHySNDO-vHjRT5SpTcD_Xjc0cKVFxZUdaOIK2BhCjJzpXNqFIvBCtqb2C4zRc4ehZFTPAZgIEuwwJ2tvw8jvwpUB-MMfjWr5DlooLltgiHmsMh0M4MB5F0ShJUrKplykq90z0xlm7gfe5UlZdvYdQDq81QPw8sQbe_6hnSxs5B9WtkZ5sM-zzfKPkY5VFMKtgXmchPtUj89jLoPqE3wKqvunfv9CfIgkdcHabutojcdkRAoE9RX213UcXHub2IvRmXZkIXpGWZ_qwesnkDWicKfCPY9y_tXGFMWdYVmoIiHa-w8vHfzr7EBtq_6c_PThSJ6Fkq3TUb6E4wyb7qOFzDhz27vjHRii_mUXlxzuAUdY_ldRq8QzB3zBjvJZLb1eIH9F9EiVID4aSn_aTiYFHxmTa8JJlhXMPSuFnhLPLFDefSN42Xl__9rn9c7xe0ylPDAzez19205YB5mNSrRDw0q_UeAd1wLh-BHORptXoxVv5GvMVfzk05B-yAFDb21WAFRjoh7BARcIj_4zis6tBSeoZ3AiQ50e9QTQV1iWeMg4pVAolop74-R2RsF7JuHqLVKGSALg&sai=AMfl-YTEwbCkWF9yDKnX9EIuc8jKpzv65F4-3syqAZ3lgMyha-0MCPxdXmo_fWDTL6keSAAG5WoJTGgGmRoG8plnH5FU4Cb_ee5x-PuOyQEauAnySewU_s1RbpvFHjR40AIybB1mB12_lKKCvNDUoxUYteDV4k3kh590J0ko680ZRaVu6E-kGBokJ7rlKbRD66s2DbuuDhjD7fU1tOlQz9nMdMBvlybNnsywcLVn0xZRQTCRW8BQ7iRGDEiNZbBE1aLHsI0zqmX1MNDBrNIa8HNmEHXuqkn45F16oSTHiApgHpHWzM7rgyHyoXRcbRJUUUiRAaWM_5aSapLk7FNgrwtyxoGS9MHLTZp4QllKInlMVYbBOqc0uQFHXrHvZ1J77iBp6Qxv48pMerwncfCaTfminTvssvFMy-rVQbNq9c8y&sig=Cg0ArKJSzDeK2CoQ_Re7EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221010.56393&adurl= Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 5577	41 KB 15 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 18:35:56 GMT content-encoding gzip x-content-type-options nosniff age 1869 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Oct 2023 18:35:56 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5577	42 B 63 B	62ms 57ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhaA5s3ujiKJBraNFzu8zj9ALl1mq1DYqUKy0gWi5JsH1_3UEzQCj8uC87hy1oSoZ1DRdwHScafPuK9iOH6vjIKcwelREenIk3mf8WIlepJ-AGhOo Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5577	3 KB 1 KB	27ms 22ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 18:31:05 GMT content-encoding gzip x-content-type-options nosniff age 2160 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 18:31:05 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5577	17 KB 7 KB	28ms 24ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:04:52 GMT content-encoding gzip x-content-type-options nosniff age 133 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7570 x-xss-protection 0 server cafe etag 17992891929817281641 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 19:04:52 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 5577	0 0	85ms 31ms	Image text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOd0T1_Nzqk5a7iVCR9kdef8BePdbttEDVtgcGEzJ0BdV6Fi65-VkmYkzmv3vU3qkFfBbwoFaGr9daRbrLPi9mRNvrQg Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5577	151 KB 46 KB	956ms 907ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47122 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1665402098278948" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 12 Oct 2022 19:07:06 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 7E36	624 B 975 B	68ms 33ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWnBOhWnFzU3uTZJaU7qhCvSrnT3IltFilUyM5Ko4_GgxR1Bdhgi9XWVMeSJjf6DqVt9GAieE83ECYUGMEYDuP25ZeA_O0qcQMQGRYobQv5fWqBWR7P20jtu-8_JmPe6J3FkFBfFiQgWukauk4ZDKVDnPj7WVYNSiuegVaRyXq1jf0PE0Q Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:05 GMT expires Wed, 12 Oct 2022 19:07:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	12261440130089504030 s0.2mdn.net/simgad/ Frame 66C6	114 KB 114 KB	95ms 46ms	Image image/gif	2a00:1450:4001:829::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/12261440130089504030 Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 012eeab8ce7288fa9fb46b656263a81ec4c9126d709610086d9a74a7609f329a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 12:17:46 GMT x-content-type-options nosniff age 24559 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 116830 x-xss-protection 0 last-modified Wed, 28 Sep 2022 15:08:17 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 12 Oct 2023 12:17:46 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 66C6	23 KB 9 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 01:16:50 GMT content-encoding gzip x-content-type-options nosniff age 64215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9578 x-xss-protection 0 server cafe etag 2674910403068493586 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 01:16:50 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/ Frame 66C6	6 KB 3 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 01:16:50 GMT content-encoding gzip x-content-type-options nosniff age 64215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2640 x-xss-protection 0 server cafe etag 2603454828624189567 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 01:16:50 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 66C6	0 64 B	122ms 70ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqXgtaI04PUEGEbGP5UUTRID-xFlEBFhiWt9NV5W0eqtwvA2ZVx3fDZwu8S711iTq3tzjCuHafuAy8ZNuANCBxDhJSj51r92B04x6cAV-8EXhDQLxZW5rcX130MeZ0K2fh312BCepa4bE-s6t9qVHizV0TzZ8PH8VfRmzkuwas4Lx5d8SGHM3iOg1p-kMcupEuP1DmBhQWVwdte6Ij5IZTJfeAc1JNilPojX2pLpt45gRxroTbsCGktHd3twj6sv_ucGT1PWrkFjq9uvOuFJvrtApbaUUprQu8B6bCi2G2gru9qjyb-yOxWAEm-wVLolkAkg9sVXZ6A7VI_DYDCJgL4jiQFPuYgQS0bZdVhH7LZvG2Bg4HGBwLuL039rOMQAy-TO20rUG9XUIV-Noz1ooADysz_G65P1zsRlfFef1QDnx5ZE7iClQaeCLFRYW3jq5AWdGkwCokw_5C_8cqy9wJArbD1XTYyO42AvgnNzKAhIYURNasH8YdvcHb3NVL77vnFoFxS8xiVDdXmr_F7JPsG0TIkbYhkOMyrQFewKf6klo11WvEN7-2csRXxDH_cU5pXAOyR18J8OpMPMTfKWeM7PMG58B8HAa0raOcJYphDvQZwMDqOQg8dyx75M18Ar4wCc_zCsxIlak6ICtOr7RkK2FG3jNIIR6mksaPLao4UegTEpqoRcfbIjti8UgUglmuHPJjKKBWRyWQfZPe4tHYc8IeXgs_GMWQSlNAz25X1DXZvk6KQpvJO0Cle72x-PeRP5pItlthf2Jp5UE-_GssZSvMnZF3mV9LRCsttFbk4K1x7FQNxXQASbdJpK9UTfjT5JdWsVar5HDVZO-2Kaw5rKoDmSSyzM9A-3wyCNIHzgXkLIaNSK6iO0Mr6v68zmId9yKeARLraKdBjEuFfyBgPi9tpxiMgCgVxFioHrW9p27uLaSjUFwkBzWiKk-CCnLkhKG2gZU2jN-XOhU0UQkwqBv8oBIJfCWTH9Ykwo7UIpMvr9AJeFKhMSuAQ7Me1eom6PMkk4farkajllbGk272LHLXoo4z5WIrH166msDEHXGDWfGQqRHg_Hm18uilxZ98ekAOY8kKWS1DBqmcr5ruB0kvniaQSGHfzp25VkWZzPuUfbkBHIYL9ZgxoHc9BffDY3sjj6N0WTW5IRFuPgV7wwjd2wyF3Q&sai=AMfl-YS2xHnWahDHMrP61_c5uBKEsZggewrKlu0y-Gr6Fymj3OwqsTveWz5Zaf025sFfM_0t03ssAMehnVZLEbjlzoObWN09V4DQ3UPxEPWlxLbC5fAW_yqwefrq7evgQH_YnFIYTJrqzFKHYXmGuQC2aiIvonV5CVrU2cwlREJvp29jblEAFdqZpc8mhwfkQCTfI3-eBRVhaNapxk8gTaYAYmo0iQuJkPxjcgOMAoUtxAYxjBuhzVd__WqMBngP2wAOQ4feHqcb9M1Aeu9ybOMDMsY9v9qDSJMxni8PjnVVjf4R-eqqU9sdLV5whJcfI669_uG86MyoRpshYk5ho5896IEuRhxwNljyyECJ20SEmv0zX3KL9FGCB3vKQZwFXEu6Qd6eMXMcg7PVluZm0ZntVJHS3QFBnS54HQ7AZ59_&sig=Cg0ArKJSzMApBhpoCd_MEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221010.29102&adurl= Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 66C6	41 KB 15 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 18:35:56 GMT content-encoding gzip x-content-type-options nosniff age 1869 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Oct 2023 18:35:56 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 66C6	42 B 63 B	62ms 61ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0UJmvJRoauv9ECCdln_xWmNy7rs8XXO-dXO1HHo_gyCxOVpRTdVX-Fu7p0s4a1SnPk1AkPcWuWV7veJiKoyQHcZ3AjMX1Cvqy5d3hfh-41GTPvM8 Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 66C6	3 KB 1 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 18:31:05 GMT content-encoding gzip x-content-type-options nosniff age 2160 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 18:31:05 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 66C6	17 KB 7 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:04:52 GMT content-encoding gzip x-content-type-options nosniff age 133 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7570 x-xss-protection 0 server cafe etag 17992891929817281641 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 19:04:52 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 66C6	0 0	69ms 30ms	Image text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTdn7xlt-YJjJsj1qzBD0eb9kALvyxRX-uQx0sHo5c6HVIN9rYcnFkSMGB1V5BkUtr8r2IXMSg8GGh_pxQ-2KYzF1x0A Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 66C6	151 KB 46 KB	922ms 888ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47122 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1665402098278948" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 12 Oct 2022 19:07:06 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 1262	624 B 559 B	57ms 35ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWTjA97cDbxNcEFWErQMS2HUb6FWfKSh4QQ3ClH1B-Fe3E8MsCaU2eZ8VojAhBkceVyCVgg6deH_RFdvi9Z8gcxEvJEOMhSA4eM4RbptdIC_WezD9DmKPlMXaNMXTyamFQkS-OnrvPDPTZSXLf07g27FiPSes8YfRoaA0067iY_ZuGa6Qw Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:05 GMT expires Wed, 12 Oct 2022 19:07:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	12261440130089504030 s0.2mdn.net/simgad/ Frame 5E33	114 KB 114 KB	97ms 59ms	Image image/gif	2a00:1450:4001:829::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/12261440130089504030 Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 012eeab8ce7288fa9fb46b656263a81ec4c9126d709610086d9a74a7609f329a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 12:17:46 GMT x-content-type-options nosniff age 24559 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 116830 x-xss-protection 0 last-modified Wed, 28 Sep 2022 15:08:17 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 12 Oct 2023 12:17:46 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 5E33	23 KB 9 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 01:16:50 GMT content-encoding gzip x-content-type-options nosniff age 64215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9578 x-xss-protection 0 server cafe etag 2674910403068493586 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 01:16:50 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/ Frame 5E33	6 KB 3 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 01:16:50 GMT content-encoding gzip x-content-type-options nosniff age 64215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2640 x-xss-protection 0 server cafe etag 2603454828624189567 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 01:16:50 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 5E33	0 64 B	110ms 70ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVeWPnHQTIM2T9FKxzZXSpSXOjm1d3iHj2j8nVyvJPc3NPlHvyWWACPsgYPMDvYZBZq3zEKACNmQwO9nq04CkSkQ2Mrc0_xzsJVey8R2btvuyFvhGeildFAJo6dLOOdlEWNBUSfdFIGnJoSzXXjsNmedXygpS3pN_dY6tkRusVM54_xSLmnWUFhuE_yPv5E1MSyFmlufjf5pTNZTDt6WBKjjxzOgNtRpKYji42LI45Xyr6WW8l7cROihRt9ZzDmAeAqxitIk_sjkpVkrTDT6lk76FqeaSsY5BS-64Y7_jlPsPYLq2ICAC3tISnlBwgDEPxf8M0yPwHwR3LD5bBZlG8poAU5yZMD5cSN6YV9Ix-khkT9FveCaaNPwPJXbjy50kZK8J2P4K8-s52FJigidjx-PnZVeYYXMmqZWAqNKfl5eFewN2JdLIwf6qHwn2GYwbXqE3FO3sYYggA0eDpcmPEVS56fLHDQLKYxaQVNWWINX-fek-O10Bu_L1phZiV5q78TH31sIONzgW7DTVrxXxx9O5b-enQhJZwiSnWBH80ZXys7CSyxAqPMtdpCDLYBTVVK5twEb21bP2Eikh1YWAWD_cSQU1bxrcCGKVpclP8SlFS0Kst5vfvplIu4Vf55ui0QBpWA119ZJaosxEUWOctzj0oOZkQ-rwjsJgVaW2EcfDRTyzzu90abfBt6n7IXLS7ee7rPZxf_Rl__Bj_J9g0U1NvCggBmHnzM_VYQYh6omlh2aeH-4PRCPEFcOJ0Jxjz6G8ydtgbT8yDFm3_ejQJA8IACX_yRBlictBetfWabO2vLF1oKOQiHHGw15n0v2K3lQx_rDOU9xcQWx0LYABR0YROujJ3MOE2z2V4w8xwD7sO3U1wZkj5ZtcqfM2HiXJBejkWoK7tk6fuGeksfOZEsalaqRgTd-5nA5-33WhMf4OP6bSkPDc9wGjdMkXYgu5TIUCzb02MaEleNx36O2bSa7jSaIVI2Q-s4Dg37KmSsyt66smbZQPdlUW7ncBWv_AS4EVNHduKJc9kXkX_0aE1nsY-4kWNs0noxWKGml3ELjgWCn_TyfNvNlUdf3XMAK-0ezgteMdTHspD3IO4BDhvhg-MXKdZdFJUEfwkx8_AJ48ZZtrchmVgMTi_jTCJ11NBZig_y6pPG4gYK0scBF7dc3s2&sai=AMfl-YTTX4Vcis16j7GMq0NXLcxZ90ickr4WzQ_RHVX1aWvyspBbHgKDxlj2P9TLbB8LYVEJlEq-Aqg4TDw1SLzkYtjNZv0wicOMsyZS3a5yZB6Rgh0KZiquw3MhwpzFxXr_JTRt1KKZv9U8J4oO8gOkBJ3rVIokvxH1POvJC9mOrru2tAf37gy2i6_FjFgSBhlpN9f7Kin2URhnOwnpqotVYCHIom55SK1Dz0C9WgajCB6c24By9m9MCAvW1FEc77BOMlS92RtNkMrNtl1ls9WJIUQeLY_trj8SyeMZqJcc7wIdZugSZDpUbAuccOGDqiJjb8nTW8y5U-E8Y9_AKxjEuRY3-XsLCuah2bUg9dr__cMGrfHMjSMc_UQKPL2uUdHuvN_nN6ZwqZbtCHg9dBOOwcO4KK0gj-UHq73bxxKa&sig=Cg0ArKJSzL39CPrYlxtaEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221010.65015&adurl= Requested by Host: www.file.io URL: https://www.file.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 5E33	41 KB 15 KB	26ms 23ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 18:35:56 GMT content-encoding gzip x-content-type-options nosniff age 1869 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Oct 2023 18:35:56 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5E33	42 B 63 B	59ms 57ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B7FxNPb3feLsy3wCiaX8eoR7Zdx7TzqrhMMUrASX-049m8Qbo-XePrqNr52G-uLQxFSwKVg7p0CPLvWuP9MMcYrYwTXRGbUwIWZNLgYvQNMeuioms Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5E33	3 KB 1 KB	33ms 30ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 18:31:05 GMT content-encoding gzip x-content-type-options nosniff age 2160 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 18:31:05 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5E33	17 KB 7 KB	26ms 24ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:04:52 GMT content-encoding gzip x-content-type-options nosniff age 133 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7570 x-xss-protection 0 server cafe etag 17992891929817281641 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 26 Oct 2022 19:04:52 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5E33	151 KB 46 KB	908ms 887ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47122 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1665402098278948" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 12 Oct 2022 19:07:06 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame C219	22 KB 8 KB	23ms 23ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1859 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 18:36:06 GMT expires Thu, 12 Oct 2023 18:36:06 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 20EE	22 KB 8 KB	23ms 22ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1859 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 18:36:06 GMT expires Thu, 12 Oct 2023 18:36:06 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 5577	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7cc6d712ed120dfc6628ed286f35133f9b8cdee99d82ea20ed4e9ce7cfa416c8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 66C6	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5556e39154da06fd8effbb0c5431f3b42612144f9f04a952f1ac97c3c9128e00 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame AE23	22 KB 8 KB	23ms 22ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1859 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 18:36:06 GMT expires Thu, 12 Oct 2023 18:36:06 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 5E33	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 140cb86244cef270b4569b85fc78ed36f269c7017151b5992bc0ea6d1866244c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 7E36 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1	43 B 766 B	33ms 23ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWnBOhWnFzU3uTZJaU7qhCvSrnT3IltFilUyM5Ko4_GgxR1Bdhgi9XWVMeSJjf6DqVt9GAieE83ECYUGMEYDuP25ZeA_O0qcQMQGRYobQv5fWqBWR7P20jtu-8_JmPe6J3FkFBfFiQgWukauk4ZDKVDnPj7WVYNSiuegVaRyXq1jf0PE0Q Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 7E36 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1	43 B 894 B	24ms 24ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWnBOhWnFzU3uTZJaU7qhCvSrnT3IltFilUyM5Ko4_GgxR1Bdhgi9XWVMeSJjf6DqVt9GAieE83ECYUGMEYDuP25ZeA_O0qcQMQGRYobQv5fWqBWR7P20jtu-8_JmPe6J3FkFBfFiQgWukauk4ZDKVDnPj7WVYNSiuegVaRyXq1jf0PE0Q Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 7E36 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1	43 B 1020 B	47ms 29ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWnBOhWnFzU3uTZJaU7qhCvSrnT3IltFilUyM5Ko4_GgxR1Bdhgi9XWVMeSJjf6DqVt9GAieE83ECYUGMEYDuP25ZeA_O0qcQMQGRYobQv5fWqBWR7P20jtu-8_JmPe6J3FkFBfFiQgWukauk4ZDKVDnPj7WVYNSiuegVaRyXq1jf0PE0Q Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT AN-X-Request-Uuid 5643b724-32b2-4487-9b5b-c34bb2ba4286 Server nginx/1.21.3 Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7E36 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D	170 B 188 B	35ms 35ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWnBOhWnFzU3uTZJaU7qhCvSrnT3IltFilUyM5Ko4_GgxR1Bdhgi9XWVMeSJjf6DqVt9GAieE83ECYUGMEYDuP25ZeA_O0qcQMQGRYobQv5fWqBWR7P20jtu-8_JmPe6J3FkFBfFiQgWukauk4ZDKVDnPj7WVYNSiuegVaRyXq1jf0PE0Q Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT AN-X-Request-Uuid afee07f9-2daf-4b16-96d5-5a7821d0cd4c Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E583 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1	43 B 766 B	34ms 24ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNV57OkL-X04Z0eRDnsEnLOnl99a8eHzsAl8s4uJgreHrJWEbeJT9nZjTKjYbJYfv4Z3GfVSVEJMJjR4KJV_K8DwhIex4IRM8_ZORYhG7sFqBM5o0K2VSE2N6sk-vhGOtwR-syzuO4aBj8PPYzQ3fHQkKiUp0Vuvxl76EZX6cWx5_qpCsgw Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E583 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1	43 B 766 B	23ms 23ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNV57OkL-X04Z0eRDnsEnLOnl99a8eHzsAl8s4uJgreHrJWEbeJT9nZjTKjYbJYfv4Z3GfVSVEJMJjR4KJV_K8DwhIex4IRM8_ZORYhG7sFqBM5o0K2VSE2N6sk-vhGOtwR-syzuO4aBj8PPYzQ3fHQkKiUp0Vuvxl76EZX6cWx5_qpCsgw Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame E583 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1	43 B 1020 B	56ms 29ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNV57OkL-X04Z0eRDnsEnLOnl99a8eHzsAl8s4uJgreHrJWEbeJT9nZjTKjYbJYfv4Z3GfVSVEJMJjR4KJV_K8DwhIex4IRM8_ZORYhG7sFqBM5o0K2VSE2N6sk-vhGOtwR-syzuO4aBj8PPYzQ3fHQkKiUp0Vuvxl76EZX6cWx5_qpCsgw Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT AN-X-Request-Uuid 50e2912b-80ba-45ce-b664-92ba03e29bd9 Server nginx/1.21.3 Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E583 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D	170 B 188 B	40ms 40ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNV57OkL-X04Z0eRDnsEnLOnl99a8eHzsAl8s4uJgreHrJWEbeJT9nZjTKjYbJYfv4Z3GfVSVEJMJjR4KJV_K8DwhIex4IRM8_ZORYhG7sFqBM5o0K2VSE2N6sk-vhGOtwR-syzuO4aBj8PPYzQ3fHQkKiUp0Vuvxl76EZX6cWx5_qpCsgw Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT AN-X-Request-Uuid 197a36d0-f606-4f4c-a5a3-c35fc084fd0d Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 1262 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1	43 B 766 B	45ms 23ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWTjA97cDbxNcEFWErQMS2HUb6FWfKSh4QQ3ClH1B-Fe3E8MsCaU2eZ8VojAhBkceVyCVgg6deH_RFdvi9Z8gcxEvJEOMhSA4eM4RbptdIC_WezD9DmKPlMXaNMXTyamFQkS-OnrvPDPTZSXLf07g27FiPSes8YfRoaA0067iY_ZuGa6Qw Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 1262 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1	43 B 766 B	24ms 23ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWTjA97cDbxNcEFWErQMS2HUb6FWfKSh4QQ3ClH1B-Fe3E8MsCaU2eZ8VojAhBkceVyCVgg6deH_RFdvi9Z8gcxEvJEOMhSA4eM4RbptdIC_WezD9DmKPlMXaNMXTyamFQkS-OnrvPDPTZSXLf07g27FiPSes8YfRoaA0067iY_ZuGa6Qw Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRVdx4Ald2dbkA3PKdi7wU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 1262 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1	43 B 1020 B	64ms 47ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWTjA97cDbxNcEFWErQMS2HUb6FWfKSh4QQ3ClH1B-Fe3E8MsCaU2eZ8VojAhBkceVyCVgg6deH_RFdvi9Z8gcxEvJEOMhSA4eM4RbptdIC_WezD9DmKPlMXaNMXTyamFQkS-OnrvPDPTZSXLf07g27FiPSes8YfRoaA0067iY_ZuGa6Qw Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT AN-X-Request-Uuid 2e08b98f-60b3-451f-9d82-e91e9408a370 Server nginx/1.21.3 Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEK3278szyQcR-rgXnvoRtRY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 1262 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D	170 B 188 B	33ms 33ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQm6y8-gIY482n1AEwAQ&v=APEucNWTjA97cDbxNcEFWErQMS2HUb6FWfKSh4QQ3ClH1B-Fe3E8MsCaU2eZ8VojAhBkceVyCVgg6deH_RFdvi9Z8gcxEvJEOMhSA4eM4RbptdIC_WezD9DmKPlMXaNMXTyamFQkS-OnrvPDPTZSXLf07g27FiPSes8YfRoaA0067iY_ZuGa6Qw Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:05 GMT AN-X-Request-Uuid cf3b6972-dd23-4a09-b756-f00700c9dc54 Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMzMzIzMzIwMzczNTY0NTI2OA%3D%3D Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Show response pagead2.googlesyndication.com/bg/ Frame C219	36 KB 16 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 11:42:26 GMT content-encoding gzip x-content-type-options nosniff age 458679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15993 x-xss-protection 0 last-modified Mon, 03 Oct 2022 10:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Oct 2023 11:42:26 GMT
GET H3	200	w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Show response pagead2.googlesyndication.com/bg/ Frame 20EE	36 KB 16 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 11:42:26 GMT content-encoding gzip x-content-type-options nosniff age 458679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15993 x-xss-protection 0 last-modified Mon, 03 Oct 2022 10:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Oct 2023 11:42:26 GMT
GET H3	200	w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Show response pagead2.googlesyndication.com/bg/ Frame AE23	36 KB 16 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 11:42:26 GMT content-encoding gzip x-content-type-options nosniff age 458679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15993 x-xss-protection 0 last-modified Mon, 03 Oct 2022 10:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Oct 2023 11:42:26 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 5E33	0 26 B	144ms 97ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVeWPnHQTIM2T9FKxzZXSpSXOjm1d3iHj2j8nVyvJPc3NPlHvyWWACPsgYPMDvYZBZq3zEKACNmQwO9nq04CkSkQ2Mrc0_xzsJVey8R2btvuyFvhGeildFAJo6dLOOdlEWNBUSfdFIGnJoSzXXjsNmedXygpS3pN_dY6tkRusVM54_xSLmnWUFhuE_yPv5E1MSyFmlufjf5pTNZTDt6WBKjjxzOgNtRpKYji42LI45Xyr6WW8l7cROihRt9ZzDmAeAqxitIk_sjkpVkrTDT6lk76FqeaSsY5BS-64Y7_jlPsPYLq2ICAC3tISnlBwgDEPxf8M0yPwHwR3LD5bBZlG8poAU5yZMD5cSN6YV9Ix-khkT9FveCaaNPwPJXbjy50kZK8J2P4K8-s52FJigidjx-PnZVeYYXMmqZWAqNKfl5eFewN2JdLIwf6qHwn2GYwbXqE3FO3sYYggA0eDpcmPEVS56fLHDQLKYxaQVNWWINX-fek-O10Bu_L1phZiV5q78TH31sIONzgW7DTVrxXxx9O5b-enQhJZwiSnWBH80ZXys7CSyxAqPMtdpCDLYBTVVK5twEb21bP2Eikh1YWAWD_cSQU1bxrcCGKVpclP8SlFS0Kst5vfvplIu4Vf55ui0QBpWA119ZJaosxEUWOctzj0oOZkQ-rwjsJgVaW2EcfDRTyzzu90abfBt6n7IXLS7ee7rPZxf_Rl__Bj_J9g0U1NvCggBmHnzM_VYQYh6omlh2aeH-4PRCPEFcOJ0Jxjz6G8ydtgbT8yDFm3_ejQJA8IACX_yRBlictBetfWabO2vLF1oKOQiHHGw15n0v2K3lQx_rDOU9xcQWx0LYABR0YROujJ3MOE2z2V4w8xwD7sO3U1wZkj5ZtcqfM2HiXJBejkWoK7tk6fuGeksfOZEsalaqRgTd-5nA5-33WhMf4OP6bSkPDc9wGjdMkXYgu5TIUCzb02MaEleNx36O2bSa7jSaIVI2Q-s4Dg37KmSsyt66smbZQPdlUW7ncBWv_AS4EVNHduKJc9kXkX_0aE1nsY-4kWNs0noxWKGml3ELjgWCn_TyfNvNlUdf3XMAK-0ezgteMdTHspD3IO4BDhvhg-MXKdZdFJUEfwkx8_AJ48ZZtrchmVgMTi_jTCJ11NBZig_y6pPG4gYK0scBF7dc3s2&sai=AMfl-YTTX4Vcis16j7GMq0NXLcxZ90ickr4WzQ_RHVX1aWvyspBbHgKDxlj2P9TLbB8LYVEJlEq-Aqg4TDw1SLzkYtjNZv0wicOMsyZS3a5yZB6Rgh0KZiquw3MhwpzFxXr_JTRt1KKZv9U8J4oO8gOkBJ3rVIokvxH1POvJC9mOrru2tAf37gy2i6_FjFgSBhlpN9f7Kin2URhnOwnpqotVYCHIom55SK1Dz0C9WgajCB6c24By9m9MCAvW1FEc77BOMlS92RtNkMrNtl1ls9WJIUQeLY_trj8SyeMZqJcc7wIdZugSZDpUbAuccOGDqiJjb8nTW8y5U-E8Y9_AKxjEuRY3-XsLCuah2bUg9dr__cMGrfHMjSMc_UQKPL2uUdHuvN_nN6ZwqZbtCHg9dBOOwcO4KK0gj-UHq73bxxKa&sig=Cg0ArKJSzL39CPrYlxtaEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=193&vt=11&dtpt=192&dett=2&cstd=0&cisv=r20221010.65015&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 5577	0 26 B	106ms 60ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0Hf_4cpt1j9GCClsm-ng_hmsRvfx9etklBqRH1jt2sYMEHnHSLxD08Qq4fb0vb4pM1bp3ED0zXv3CJNnxDBZeNMT7F3JElmzhTFGsKRSV3VjEa2zSaiBtaO9BMbdqI4K4RkPEr4UrhjnGHn4gnBTolQrQfc-KaUgb2lnqTi_nVCTrGTQkb8Jt3rTLOVhe-zAhjqjEyUS5L3yYO1cQ29UmRiQn-2qVHniNoCJEGwH2FOtgdyT0ITKtKuzYF3PKCvy7qS07ivUYRFM0NmymMU7v1JhrbeYM3tw6DoV5H6iJC_9QCP1ZTf0k76zqHEj31D3AcnOhsZbDvjhw5j98JbEDotFUpUvq7gEo7kgw_aAlFjfOzSHRJ9kwQL5YEyEamgDl04i_eK3nTCeiEDLK0hd9gnO5lxNe7g1XZPUxcDxZvRiQNI88mYR3xsieDMewWqaqypXhg78xnV9_E6nSz5cOM4bl8pOpusbo0evxGTVOVNx3eodoYFZ8y_C9JzLnd7ikmUa3TSm-8WtoVNXdd5VtnpOFL175PaOWdA9Po6qEUTEmYTf3xIFsbe0Mi_pjP6O6p4rakOczMgXlOWhw6Z6xKUPHySNDO-vHjRT5SpTcD_Xjc0cKVFxZUdaOIK2BhCjJzpXNqFIvBCtqb2C4zRc4ehZFTPAZgIEuwwJ2tvw8jvwpUB-MMfjWr5DlooLltgiHmsMh0M4MB5F0ShJUrKplykq90z0xlm7gfe5UlZdvYdQDq81QPw8sQbe_6hnSxs5B9WtkZ5sM-zzfKPkY5VFMKtgXmchPtUj89jLoPqE3wKqvunfv9CfIgkdcHabutojcdkRAoE9RX213UcXHub2IvRmXZkIXpGWZ_qwesnkDWicKfCPY9y_tXGFMWdYVmoIiHa-w8vHfzr7EBtq_6c_PThSJ6Fkq3TUb6E4wyb7qOFzDhz27vjHRii_mUXlxzuAUdY_ldRq8QzB3zBjvJZLb1eIH9F9EiVID4aSn_aTiYFHxmTa8JJlhXMPSuFnhLPLFDefSN42Xl__9rn9c7xe0ylPDAzez19205YB5mNSrRDw0q_UeAd1wLh-BHORptXoxVv5GvMVfzk05B-yAFDb21WAFRjoh7BARcIj_4zis6tBSeoZ3AiQ50e9QTQV1iWeMg4pVAolop74-R2RsF7JuHqLVKGSALg&sai=AMfl-YTEwbCkWF9yDKnX9EIuc8jKpzv65F4-3syqAZ3lgMyha-0MCPxdXmo_fWDTL6keSAAG5WoJTGgGmRoG8plnH5FU4Cb_ee5x-PuOyQEauAnySewU_s1RbpvFHjR40AIybB1mB12_lKKCvNDUoxUYteDV4k3kh590J0ko680ZRaVu6E-kGBokJ7rlKbRD66s2DbuuDhjD7fU1tOlQz9nMdMBvlybNnsywcLVn0xZRQTCRW8BQ7iRGDEiNZbBE1aLHsI0zqmX1MNDBrNIa8HNmEHXuqkn45F16oSTHiApgHpHWzM7rgyHyoXRcbRJUUUiRAaWM_5aSapLk7FNgrwtyxoGS9MHLTZp4QllKInlMVYbBOqc0uQFHXrHvZ1J77iBp6Qxv48pMerwncfCaTfminTvssvFMy-rVQbNq9c8y&sig=Cg0ArKJSzDeK2CoQ_Re7EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=221&vt=11&dtpt=220&dett=2&cstd=0&cisv=r20221010.56393&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 66C6	0 26 B	143ms 98ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqXgtaI04PUEGEbGP5UUTRID-xFlEBFhiWt9NV5W0eqtwvA2ZVx3fDZwu8S711iTq3tzjCuHafuAy8ZNuANCBxDhJSj51r92B04x6cAV-8EXhDQLxZW5rcX130MeZ0K2fh312BCepa4bE-s6t9qVHizV0TzZ8PH8VfRmzkuwas4Lx5d8SGHM3iOg1p-kMcupEuP1DmBhQWVwdte6Ij5IZTJfeAc1JNilPojX2pLpt45gRxroTbsCGktHd3twj6sv_ucGT1PWrkFjq9uvOuFJvrtApbaUUprQu8B6bCi2G2gru9qjyb-yOxWAEm-wVLolkAkg9sVXZ6A7VI_DYDCJgL4jiQFPuYgQS0bZdVhH7LZvG2Bg4HGBwLuL039rOMQAy-TO20rUG9XUIV-Noz1ooADysz_G65P1zsRlfFef1QDnx5ZE7iClQaeCLFRYW3jq5AWdGkwCokw_5C_8cqy9wJArbD1XTYyO42AvgnNzKAhIYURNasH8YdvcHb3NVL77vnFoFxS8xiVDdXmr_F7JPsG0TIkbYhkOMyrQFewKf6klo11WvEN7-2csRXxDH_cU5pXAOyR18J8OpMPMTfKWeM7PMG58B8HAa0raOcJYphDvQZwMDqOQg8dyx75M18Ar4wCc_zCsxIlak6ICtOr7RkK2FG3jNIIR6mksaPLao4UegTEpqoRcfbIjti8UgUglmuHPJjKKBWRyWQfZPe4tHYc8IeXgs_GMWQSlNAz25X1DXZvk6KQpvJO0Cle72x-PeRP5pItlthf2Jp5UE-_GssZSvMnZF3mV9LRCsttFbk4K1x7FQNxXQASbdJpK9UTfjT5JdWsVar5HDVZO-2Kaw5rKoDmSSyzM9A-3wyCNIHzgXkLIaNSK6iO0Mr6v68zmId9yKeARLraKdBjEuFfyBgPi9tpxiMgCgVxFioHrW9p27uLaSjUFwkBzWiKk-CCnLkhKG2gZU2jN-XOhU0UQkwqBv8oBIJfCWTH9Ykwo7UIpMvr9AJeFKhMSuAQ7Me1eom6PMkk4farkajllbGk272LHLXoo4z5WIrH166msDEHXGDWfGQqRHg_Hm18uilxZ98ekAOY8kKWS1DBqmcr5ruB0kvniaQSGHfzp25VkWZzPuUfbkBHIYL9ZgxoHc9BffDY3sjj6N0WTW5IRFuPgV7wwjd2wyF3Q&sai=AMfl-YS2xHnWahDHMrP61_c5uBKEsZggewrKlu0y-Gr6Fymj3OwqsTveWz5Zaf025sFfM_0t03ssAMehnVZLEbjlzoObWN09V4DQ3UPxEPWlxLbC5fAW_yqwefrq7evgQH_YnFIYTJrqzFKHYXmGuQC2aiIvonV5CVrU2cwlREJvp29jblEAFdqZpc8mhwfkQCTfI3-eBRVhaNapxk8gTaYAYmo0iQuJkPxjcgOMAoUtxAYxjBuhzVd__WqMBngP2wAOQ4feHqcb9M1Aeu9ybOMDMsY9v9qDSJMxni8PjnVVjf4R-eqqU9sdLV5whJcfI669_uG86MyoRpshYk5ho5896IEuRhxwNljyyECJ20SEmv0zX3KL9FGCB3vKQZwFXEu6Qd6eMXMcg7PVluZm0ZntVJHS3QFBnS54HQ7AZ59_&sig=Cg0ArKJSzMApBhpoCd_MEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=205&vt=11&dtpt=204&dett=2&cstd=0&cisv=r20221010.29102&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: www.file.io URL: https://www.file.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AE23	0 20 B	61ms 61ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJHeHVxBHY86QPKGZlQfzg6_gBgAAAAA4AeAEAg&bg=!jo2ljcnNAAYqRg79CkY7ACkAdvg8WpXeEC4hfn5zcuIp0WSU1ejCAcFeYl7PKyOYHnC4nMdt84NLuwIAAACuUgAAAANoAQcKADMWtjiGa5-blu_wrUneP21LTFvQMIfeO334Z8XVP63AIXRQRyCS6kE_bdZafkjZMBSyfACZAudSaiw8nLSWF1CmLh8_wUWsbhysEFcH77M5cNObdebcx9r3KS20GHFUWoIgtWEuzGruBBErap4Gl-747_jjy_JzIT2DafsIJhT_zAJ9VxJCtRnLzA9jdvUPMmMOKmfsqjEOFFBGqDPJtQQVpKiOmwPV9Cb3GcFiQFAw8cqBWvpHILrAPNTL1Bw2X-Oo0CCGtlCF84hPg1DhBXsoQ2xOynhIZaxPG77B7BsrX1C8tlulgznISoTJGZf15g9f8aTHojGFtALrbfeMTpKldVccjF9G--pz42wvqR44fVhYg3y7MivWiH8CwP_NZbNug6CcX6iOY5xUlTpMSlsAHFV--nf0VpDfEUtv-LFogJXVOOYW-MzkxZqs9kM0abypStZ5Z4B0xLoiZO6GhjeR9iyYWyElzE-jeS97k2cnrnxAV0EYtEXDOutXjbyoOCDTXAXR4GkWVWocRQt4TfK5Y7wosKKOCRglXo-lvjtbIzY__ScZ00ZVIkFYFr0BrEB0Jf-ml-BgyOfu7IBXwMAQ7dWX7QQ_AT5OWNt6H2WkOKwdfZ6_6nnnaG2QZIFysI3AYxtzBcGEYUZivsthWkEGxXIUXlHRrtHugkNDv42t7Y1ZuPjMz4c7zo5vkHA5AgFDSuswL6LIjH8_LsOAOLWwmX2NkgpEDCA_KRKh0g-R9YcJclbfHoIWa2FgevsUUN9Wt4gKJ4ch2hWBHiMU4Vk3l_whO_aLlANzdvyYco5VwJZQvfbG_5Ct7OoUvEDwyHNR8gjbEuDHNSj6xXzlqqk_gg3ugG7i8q254AlvVhtm9qFnbd912L17joBX8Of1qZcCa7BidKAALJVupJrJq6ThpYjX6J6Zd2xS_lZ3-lBfbtJ6hB5aj1BrQGtOROUjhYBoIfEe8BD-Dg1-iuC6_FI242VtTrb68wKuQ2Jxf20hfPrOuFVxIJySe4QNH-ybOWhJZLWuDKxyB-UZu_3MWs789ac78hFsCNS5f3J3Bg Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C219	0 20 B	61ms 61ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1vnOVxBHY8-QPKGZlQfzg6_gBgAAAAA4AeAEAg&bg=!NDelN3PNAAYqRg79CkY7ACkAdvg8Wo4FUTqcBSnZQws5-Un9hRlbRNEWHcKxVseg1a1GPs5_45MYpQIAAADTUgAAAANoAQcKAH4mRvi657ESvxbpSCqIKyEFDQk2bpV_Ex1qmV6Pn-B74c5d_pylWbnxh7pr-QH7wj3v0L54YoF9hGdeLAa2UiqWWOVLm6_yZ4V4cg8_tgyeK6AsUBfnORzWcww8lPmhiUHpa0zD8dgd40MyXgavn7lbK5uMh3wOf4wPVvSHIt6ZAvdqvTGnxwo3wcXP5lN1DW7hNU9DY7gfyQagXzZJAL3w9UJfZH7Ub492Oa3uc2SF_XjTyA7oHTO6onJ7ynhKqFwEaQREKebcIw8Mg9sCJNkqPxhRMIsIbSCONkNL-w7QLjCxFIda-DQ0FTo8dad1hughA0B7MTgVObqBbgfvfcqBZFxytI7sEO39mAXyZFSbAknZC4Y3Cm9SSvDY2eDjyl61x0Jpgmzr7aJp4QRPpst0NQt69nufm4IxoirbPIvvMPbALpRiOJ8irqZyHcv4wiJnVl4kFVykW8KCiCSoAhi6nVLJ9IJuxI3ysYGk-__qp6NuP0IjbUg96oYx8uAaLb_zc6NvzrvGMtanKN6uIavH2hOwYeMD8J7brgL5QyqwheEeABHMPtIdntIYKhgf0pGtIMx1CH1IHuizUfEtqc4yM0Aabh9B4okeOmGATpNQRBB3H9u3oLUKcC0kcfPlEFIVQOoI_F8sbY5D0QsFwE8DJ3jlrPXIEVfXCYj8M1Ux5bP2sTeFmA92ATU4cCOImHrB7H5dAlX4TIGMuS0Q_v1u0Dr54X5w0e59NJKQX5LirSc7BF1uwG9eTKLqgRcmNPa5eozEyZFSKGq1tqBjolAhu83MBy27rQhCM-6qa1EVpGFx5FGKMAx0LjynAxDTToyUrmBOpjDHrGG43MfEXGM6gOdEfbemY4HNKgr2-LrHYY5H16D5WGlyjN8fdju194P0SgdlJP9e2QULGCmqWhA_Mp9Cm62Fci7lAbu4o-TLAl_5-HXF9jaShiz3xmqSotwgukyUq-sndD6zPjkzCfbaMENiMzRqfspJQyuv8hZNlRSTAq4W9gqZC7VhBMGKQusqfzGTbHWPahYgm_yQcFRRYAVb0IZFch9f_3sW0IXjsIlyfism3sBRaecc1HUSq50Tt-GF2NS4yGZMI0IZ8Dyh1vBfOL-3hTJ3uQJxz7BNLuYvOXokFW06y3qPtSX4zqVG37dTXhgj-4gQdSK_m9K3TK4paaN-oqY Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 20EE	0 20 B	60ms 60ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUjwTVxBHY9CQPKGZlQfzg6_gBgAAAAA4AeAEAg&bg=!oaKloubNAAYqRg79CkY7ACkAdvg8WqEKLJItaZvLM_UwnueY9Ix_8TtW_iaY2_HOsjEvE7jXJw30ZAIAAADHUgAAAAJoAQeZAujkOdtZoS9mzvMGfptr17pmuCtGR9g9MnSRWgTJatI73_uqf8iqrjP9hXXQv-tulpdFJbGWr_PhxP819pjGseZfZZDzXriO4JSfXl8FHhLlI8nrGp3qOmmZQ8lHa6ggoCGqH6iFwuxNnjW4Mg4I0Zpj2ZcO4UXBuDd0uHNed2Lre8rEQ2uzKgWwg8Al1U3XkkuyukjmBI38uWYSe-eCaPWhv-nU4usCCxahfo-hkb6QECG6hXOAnbDAg3ZKnwGsCpleFKmPiCj7KORO_eYNwJKE5edy1AsxLg-VlbSIAhM-6FTK2pr7nhjrVhp8NYsXu1kqh2XgmmryNL5JKTYAG5LxhGbbBPnMP6l74co15vN74VrXFcfquMvGZzWs6Px7UfP-1EPv5F0tkrwNqmP54mz7KwzMDuHWG713saocBsf7NlaTCdaRE7nh1gHoQlg-6koVmTX24KrzBeJ3ybHNIuSe4xkyRiUHgO0BZFTkTtYy-qGvqr3I-waAojMm2fHvrIVsHhupJ0UEXxyg1Rlgu3TbhVwOTTCchiuerXOayP8_GPsiuIFaE7b5r9qURA2LxvVHT9zCpBl0JhZGyiK1IAy8jtrmri88yB8VJQ3TJS_eXUdwJsiCmWcdw2Xi8lQwLqFCF495b6rv6LNziVYX4oPsa6hmbFv3zlaHKB1d9dS5o8LFAvQWJngMkAfVLUIOE7l4R1MCrPE946GWtRuAeMUVwr_CZrcpH2rmjYlWVShnrt6P7hOn2wRFopanPzV4T7ek9u2KpwA3c_oulhz5e-32aFnuRJy2LbcNzZJLpmV3q8RXzu-mAscCtsIp3h1c0dNQrm1scSQCvoqQRaw2v0kXnPAxwzAf_D1bv0301RKgXWahqil8Ij5tLUx0jMoupj-Ziob9HFcuzX2r5sZjQ2794bscTXSRMzApUu76MmNBNPS2LePfjQ4PxnU-tV6NPLTXK9sTexg9bUM4X5FsJ3wtasmt9jl1QDw Requested by Host: ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com URL: https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	page-data.json www.file.io/page-data/plans/	0 625 B	39ms 37ms	Other application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/plans/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.file.io/ Origin https://www.file.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:53:52 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id QH7SEBV3N220VRVP x-amz-cf-pop FRA56-P5 age 83595 x-cache Hit from cloudfront content-length 141 x-amz-id-2 DD8VAmuX6cpK+J7wXWeKJNPYGHgRMggResDz0XN6d1vy68RCUyc/sa1KgGXfz93wn0yycmqS31o= last-modified Thu, 06 Oct 2022 17:12:04 GMT server AmazonS3 etag "1022652c2bef86b84cb16cd11c50b2ca" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id VcstJLTjyE2kDy2MhUuUFAmI8tdJ1z-L8Gl3x6CSxnwHt5JSv5Ks5Q==
GET H2	200	page-data.json www.file.io/page-data/signup/	0 623 B	40ms 39ms	Other application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/signup/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.file.io/ Origin https://www.file.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:53:52 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id QH7GKCGCV2FAQQPW x-amz-cf-pop FRA56-P5 age 83595 x-cache Hit from cloudfront content-length 137 x-amz-id-2 KfACheDsUrh7KOLTwcrWLS/O1KVuqzkpgotZruyUJdwYgFE5pxmG2eg23kxVjPzmVax8ebcyAvw= last-modified Thu, 06 Oct 2022 17:12:04 GMT server AmazonS3 etag "68baf9ac2f5dcaef64744f1f45d71de0" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id MqlRNkOVLkBqzlp88m_Z15PIAH3y6m2YaS5PIN_xTCJcawDFBp280Q==
GET H2	200	page-data.json www.file.io/page-data/login/	0 622 B	37ms 37ms	Other application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/login/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.file.io/ Origin https://www.file.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 20:03:34 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id WGBFHPECP0R28TXH x-amz-cf-pop FRA56-P5 age 83013 x-cache Hit from cloudfront content-length 135 x-amz-id-2 KnPouyUMJszT8vX/PRcmvKzCv50CjgXjID4ISKEC718ZVxgMDcqPy45GDo11nXHcpFZwynMVZNY= last-modified Thu, 06 Oct 2022 17:12:04 GMT server AmazonS3 etag "4f561e1f747160f0e60849c13facafec" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id MloUOamqK8BnUTMIJMJ5IcB4IauFqCw_naCkNZOMz1pRNVDgQDQYKg==
GET H2	200	page-data.json www.file.io/page-data/developers/	0 648 B	38ms 38ms	Other application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/developers/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.file.io/ Origin https://www.file.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:53:52 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id QH7VXTWEDWTPCYK0 x-amz-cf-pop FRA56-P5 age 83595 x-cache Hit from cloudfront content-length 163 x-amz-id-2 jElVwHoX4i+qbIB7W7j+wBtfaadYvEr8eQSNGR+miSw1BIQPFw1wDr+TFtcouDG1L1g508aWaac= last-modified Thu, 06 Oct 2022 17:12:03 GMT server AmazonS3 etag "d7bc956a5292f7440e9ca53e421dd579" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id fxqTcrin2xx15_7u2wi4Z09_pxrQlSLGA0EYeHabSUILcSEjo5BXBw==
GET H2	200	page-data.json Show response www.file.io/page-data/login/	135 B 621 B	39ms 37ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/login/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 20:03:34 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id WGBFHPECP0R28TXH x-amz-cf-pop FRA56-P5 age 83013 x-cache Hit from cloudfront content-length 135 x-amz-id-2 KnPouyUMJszT8vX/PRcmvKzCv50CjgXjID4ISKEC718ZVxgMDcqPy45GDo11nXHcpFZwynMVZNY= last-modified Thu, 06 Oct 2022 17:12:04 GMT server AmazonS3 etag "4f561e1f747160f0e60849c13facafec" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id FuoggFaVcdmK47ytpJtH4m8eHwBf7MkMflKJZQHpN8GnJKDl-ErGug==
GET H2	200	page-data.json Show response www.file.io/page-data/plans/	141 B 626 B	38ms 37ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/plans/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:53:52 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id QH7SEBV3N220VRVP x-amz-cf-pop FRA56-P5 age 83595 x-cache Hit from cloudfront content-length 141 x-amz-id-2 DD8VAmuX6cpK+J7wXWeKJNPYGHgRMggResDz0XN6d1vy68RCUyc/sa1KgGXfz93wn0yycmqS31o= last-modified Thu, 06 Oct 2022 17:12:04 GMT server AmazonS3 etag "1022652c2bef86b84cb16cd11c50b2ca" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id 3IL6rOKWknGNx4mXY0oFkkLk40xqH8fIcQm3DnsY1HOtWaAZDyvISQ==
GET H2	200	page-data.json Show response www.file.io/page-data/developers/	163 B 650 B	42ms 41ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/developers/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:53:52 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id QH7VXTWEDWTPCYK0 x-amz-cf-pop FRA56-P5 age 83595 x-cache Hit from cloudfront content-length 163 x-amz-id-2 jElVwHoX4i+qbIB7W7j+wBtfaadYvEr8eQSNGR+miSw1BIQPFw1wDr+TFtcouDG1L1g508aWaac= last-modified Thu, 06 Oct 2022 17:12:03 GMT server AmazonS3 etag "d7bc956a5292f7440e9ca53e421dd579" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id Yx4fM5-G4MbLMQWDV_jhL-TaCVZRhopd5KDlYFffZupc_Xfew-CfXQ==
GET H2	200	page-data.json Show response www.file.io/page-data/signup/	137 B 623 B	39ms 38ms	XHR application/json	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/page-data/signup/page-data.json Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 19:53:52 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) x-amz-request-id QH7GKCGCV2FAQQPW x-amz-cf-pop FRA56-P5 age 83595 x-cache Hit from cloudfront content-length 137 x-amz-id-2 KfACheDsUrh7KOLTwcrWLS/O1KVuqzkpgotZruyUJdwYgFE5pxmG2eg23kxVjPzmVax8ebcyAvw= last-modified Thu, 06 Oct 2022 17:12:04 GMT server AmazonS3 etag "68baf9ac2f5dcaef64744f1f45d71de0" vary Accept-Encoding content-type application/json cache-control public, max-age=0, s-maxage=86400 accept-ranges bytes x-amz-cf-id qyODy0fj02F6dM6aQ_LC1Y3WPFxOHhFUZGie_KLXMoVIfjmjUOTNkA==
GET H2	200	component---src-pages-plans-index-js-96d405d5fd543f9313a9.js www.file.io/	0 940 B	38ms 38ms	Other application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/component---src-pages-plans-index-js-96d405d5fd543f9313a9.js Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:53:07 GMT via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:58 GMT server AmazonS3 x-amz-request-id QPXF6KVWMM6AJZM8 x-amz-cf-pop FRA56-P5 etag "8139bb6ed64141936a03214f930ef478" age 429240 x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 accept-ranges bytes content-length 473 x-amz-id-2 JDiHPZ5/uoEcEeDGrh8oPoEviLHi6wmuWgEVuCOdFYpbubL6Mm0yUlh8wjigjq1NX2gOiVHvpKs= x-amz-cf-id ttDBKLJe1920KdTq1lLv60Y3ZdcsNWvpsrHCF6SkYh-JW8pzwjLJhg==
GET H2	200	component---src-pages-login-js-8b4ef13d8d99765162da.js www.file.io/	0 6 KB	46ms 46ms	Other application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/component---src-pages-login-js-8b4ef13d8d99765162da.js Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:30 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:58 GMT server AmazonS3 x-amz-request-id M19JNP3YAB1ZBF4N x-amz-cf-pop FRA56-P5 etag W/"42d35658c40d04d6d2845a41aded67f8" age 432097 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id v1jFaiLKv4MZfhXThE3SguL5BCy_uLjcWr8CA52iiLC1bVIHG99ANA== x-amz-id-2 tL+0xJdSuU+gV+ZeNQRb4zO66GNGTkxAZ26Z5iMlj8Y6MQ2utICrn88CEYp9dvtNtNAfAsvmACE=
GET H2	200	component---src-pages-signup-js-1a83f5fd1238ade6fa23.js www.file.io/	0 7 KB	45ms 45ms	Other application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/component---src-pages-signup-js-1a83f5fd1238ade6fa23.js Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:35 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:59 GMT server AmazonS3 x-amz-request-id QKX5HG872FF13XD9 x-amz-cf-pop FRA56-P5 etag W/"095f55f0ba100895ad857054e6e6b681" age 432092 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id f-_Y08IXgY13Im-vddhNHw2ZFVSZG-rXTfJjuR7sszeYVnlCkzmBoA== x-amz-id-2 bGZXdHHh+e6A7calnFWGBFQ1wme4jrhZMU1VMZybYYne3pIkTrH+SCLGvScoN3Sj1AAGAwghKQE=
GET H2	200	component---src-pages-developers-index-js-bb30e90ccc1dc87181bd.js www.file.io/	0 169 KB	38ms 38ms	Other application/javascript	18.66.112.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.file.io/component---src-pages-developers-index-js-bb30e90ccc1dc87181bd.js Requested by Host: www.file.io URL: https://www.file.io/app-438588750f6b6905c6ff.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-32.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.file.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 07 Oct 2022 19:05:27 GMT content-encoding br via 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront) last-modified Thu, 06 Oct 2022 17:11:57 GMT server AmazonS3 x-amz-request-id E5N9VXNQBJBKVN6M x-amz-cf-pop FRA56-P5 etag W/"173768e620742d36cc9423a97819e683" age 432100 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=31536000 x-amz-cf-id FjyQ7No2C1IBmh9uFQO33nVnYcw5hgCpGxCt1qjLom3xBvOE8vBoKA== x-amz-id-2 pcu5+aDtottiNHpr9Tx+ZuHwAEVyYLiIUYL4ZbHnbw8KtQLM8ObinztKX0Yftg7t08vpueKszYw=
GET H2	200	pbjs Show response sync.quantumdex.io/usersync/ Frame CA04	4 KB 1 KB	132ms 119ms	Document text/html	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/pbjs Requested by Host: www.file.io URL: https://www.file.io/scripts/prebid7.18.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94eca3eb210652693eaa8821a322cd505f49f2160962d6ccc15f2df974c03dc1 Request headers Referer https://www.file.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 75921dd809e7926d-FRA content-encoding gzip content-type text/html date Wed, 12 Oct 2022 19:07:06 GMT server cloudflare
GET H2	204	/ s.ad.smaato.net/c/ Frame CA04	0 241 B	112ms 21ms	Image text/plain	2600:9000:20eb:7200:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:7200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT cache-control no-cache, must-revalidate via 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA2-C1 x-amz-cf-id VEZl4ZkwgymbHtkgCU5XuY_JXZT5G8qEsd2SLlaQ6GmUqM9Cab4vzw== x-cache FunctionGeneratedResponse from cloudfront
GET H2	200	setuid sync.quantumdex.io/ Frame CA04 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7333233203735645268	43 B 128 B	118ms 118ms	Image image/gif	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7333233203735645268 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 75921dd92bc5926d-FRA content-length 43 content-type image/gif Redirect headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:07 GMT AN-X-Request-Uuid f7ebdffb-2bfe-4795-b6ba-dad6f804ec0a Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7333233203735645268 Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame CA04 Redirect Chain https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C... https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA	43 B 94 B	120ms 120ms	Image image/gif	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 75921ddace81926d-FRA content-length 43 content-type image/gif Redirect headers pragma no-cache strict-transport-security max-age=86400 ; includeSubDomains, max-age=604800 date Wed, 12 Oct 2022 19:07:07 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA location https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA content-type text/html cache-control max-age=0, no-cache, no-store content-length 154 x-mnet-hl2 E expires Wed, 12 Oct 2022 19:07:07 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame CA04 Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nWyKubxE2uFoVzRkFGHTRw2RJtms_WDBssKzYEc-~A	43 B 94 B	131ms 131ms	Image image/gif	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nWyKubxE2uFoVzRkFGHTRw2RJtms_WDBssKzYEc-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 75921dd9ed06926d-FRA content-length 43 content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-nWyKubxE2uFoVzRkFGHTRw2RJtms_WDBssKzYEc-~A date Wed, 12 Oct 2022 19:07:07 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	v1 match.sharethrough.com/FGMrCMMc/ Frame CA04	0 35 B	108ms 22ms	Image text/plain	3.121.205.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.121.205.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-205-163.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame CA04 Redirect Chain https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0b065b2c-b8a0-342c-838a-760431c51b64	43 B 94 B	137ms 136ms	Image image/gif	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0b065b2c-b8a0-342c-838a-760431c51b64 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 75921ddcb977926d-FRA content-length 43 content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0b065b2c-b8a0-342c-838a-760431c51b64 pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT cache-control no-store content-length 0 vary origin expires 0
GET H/1.1	204 No Content	pixel ap.lijit.com/ Frame CA04	0 277 B	128ms 32ms	Image text/plain	216.52.2.19 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 12 Oct 2022 19:07:07 GMT Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Access-Control-Allow-Methods GET, POST, DELETE, PUT
GET H2	200	setuid sync.quantumdex.io/ Frame CA04 Redirect Chain https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 https://sync.quantumdex.io/setuid?bidder=between&uid=9359b978-2c88-521d-a2d0-fa51c197ea0a	43 B 94 B	113ms 113ms	Image image/gif	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=between&uid=9359b978-2c88-521d-a2d0-fa51c197ea0a Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 75921dda1d55926d-FRA content-length 43 content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=between&uid=9359b978-2c88-521d-a2d0-fa51c197ea0a cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H/1.1	200	0.gif id5-sync.com/i/495/ Frame CA04	43 B 1 KB	85ms 26ms	Image image/gif	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 , France, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Wed, 12 Oct 2022 19:07:06 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame C13C	2 KB 1 KB	144ms 61ms	Document text/html	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f73727e7131ceb20bf671cd1ac99af078fbb15f07f0985b5daaeff0a1b58ac30 Request headers Referer https://sync.quantumdex.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 75921dd98e6f9b63-FRA content-encoding br content-type text/html date Wed, 12 Oct 2022 19:07:07 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2zDjP1A9BkwlT4NHweW%2BVJB0LUGpHDsCLgwq4R3xIwxApVXSk2X3S2gWHrQUPSDX4q83NYmQaaigjO%2Fzi8YTtxFDIgYoYP2OmLRZAWhHNna8pcrApTtdlkHw%2B1vZUb3Am34uG357EvnJg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 58C4 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east	281 B 554 B	98ms 25ms	Document text/html	23.205.235.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-235-133.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://sync.quantumdex.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Wed, 12 Oct 2022 19:07:07 GMT ETag "40014-119-5d32342a551c0" Last-Modified Tue, 14 Dec 2021 23:07:59 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Wed, 12 Oct 2022 19:07:07 GMT location https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east server AkamaiGHost
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame DEEE	15 KB 6 KB	118ms 26ms	Document text/html	23.35.228.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-228-201.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Referer https://sync.quantumdex.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=56645 content-encoding gzip content-length 5549 content-type text/html; charset=UTF-8 date Wed, 12 Oct 2022 19:07:07 GMT etag "1300708-3de4-5d6ef246ef4cf" expires Thu, 13 Oct 2022 10:51:12 GMT last-modified Tue, 01 Feb 2022 06:38:00 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache/2.2.15 (CentOS) unused62 8096267 vary Accept-Encoding
GET H2	204	pbsync usermatch.targeting.unrulymedia.com/ Frame CFEF	0 0	119ms 27ms	Document text/plain	213.19.147.45 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.45 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash Request headers Referer https://sync.quantumdex.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers date Wed, 12 Oct 2022 19:07:07 GMT
GET H2	204	/ onetag-sys.com/usync/ Frame CB2A	0 0	99ms 23ms	Document text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/pbjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://sync.quantumdex.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store strict-transport-security max-age=15552000
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5E33	42 B 64 B	112ms 64ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfE-LBvZ9huOEAB0PEXWNyGJz4g2_CzufUSDxxZpTir-YXppewxgvZk_P-S1eh784oZ3Ure3Me3i6GABWOfNHM8YR_OodaB-9MWgZNeDIRCKet1SmnJ40sD2SnyQ&sai=AMfl-YQ_XgusEiv5NDZ11QIu6u0vmLfPNV8nQzO9DxQnQ4gzwuCcV-d1tX5QZC2eRJuasq7L7jptu5B2AJ0L_fRj0Z_-O7v98N9klz_ORc5_fMjUL-cTDGqNzV7rjkMI_W959mE&sig=Cg0ArKJSzBjw5qLIlQFAEAE&cid=CAQSPwCsnQUxBhLKHBpnGD1lEeIqyqVTNw98SCL2cCH8YrTZzR9eu1zw5ibo1ks16Hh8Ffjs16opox5Oj2rLqzyfDRgBIA4&id=lidar2&mcvt=1000&p=328,393,928,693&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2093335146&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665601624995&rpt=1117&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5577	42 B 64 B	77ms 60ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstS0H0y67O3pxV-U5cjZKns_UNWqGAecwDe45n0xk-smS_9dYPzE4I0lUIahyHxSiPRCFzFgxtFoF1-PfpXJZnnFPDDOCdc9fm59uE6B_f2KvO0x9hzttV9WnfiDA&sai=AMfl-YRim88BPma_1rKqUScdfvTjOnubQV-65h9QAF7drtcpdXJ-2bguZR84mVwepg5HtXWkx_QMbmjhgio8GBaOtk8q0s42bSVqGTF4Ke2aO2NOGzgN1-0v5sSX9NiwaB_q8W4&sig=Cg0ArKJSzA9J-gGg4NO_EAE&cid=CAQSPwCsnQUxBhLKHBpnGD1lEeIqyqVTNw98SCL2cCH8YrTZzR9eu1zw5ibo1ks16Hh8Ffjs16opox5Oj2rLqzyfDRgBIA4&id=lidar2&mcvt=1000&p=328,806,928,1106&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3306312227&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665601624999&rpt=1146&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 66C6	42 B 64 B	73ms 59ms	Fetch image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8eLAsobckkaeuFjgzrkTqBauminwWZnBYCQuHID-QqFl_ti9qJvtSqEmRj7xobnZ0DZkQZ5n8GHsaTT4e5v6U4TBl4cM1xRq3bHMMWDVqIdHARE_oOGQidKLZ-w&sai=AMfl-YQO9-r3nEB2_ZAMZoNTiv2aCqqtMZzCva_E8RFIZQF4puOO2JQo0IOJ_m98xRmwm_bxfWic-fgZi5qk9gx9TWj4MidTHA0MA2Li5jtRwFlIJ0P279hR7FrpBn5KpHuNJkk&sig=Cg0ArKJSzIWeluOgrzupEAE&cid=CAQSPwCsnQUxBhLKHBpnGD1lEeIqyqVTNw98SCL2cCH8YrTZzR9eu1zw5ibo1ks16Hh8Ffjs16opox5Oj2rLqzyfDRgBIA4&id=lidar2&mcvt=1004&p=328,1219,928,1519&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2065559030&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665601625003&rpt=1128&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ee6211785e42446261c69cc53e4ea4c4.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame DEEE	3 KB 3 KB	112ms 36ms	Script text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73546605&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 1954c680b7c98973ae833a8220608b37523fe15146bf1566366124a8563d06da Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Wed, 12 Oct 2022 19:07:06 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame C13C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB&gdpr_consent=&us_privacy=&gdpr= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENiMg6nhvJsJsiEu-A3vpj4&google_cver=1	43 B 877 B	79ms 51ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENiMg6nhvJsJsiEu-A3vpj4&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H3 Server 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crVzrPmwQyO0wiCNrqwTcwMcvP6pdFas%2BH5W%2BxVp0CmoKPIIbK0Z0AYzbp3lsU0OZt0HxEixqd03aILBmkh9vymIXxq4MxGGOaDYkoDwSdNkaP0zMku%2BUTB7ySJ3yhJvnssk98t5I1l3kg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 75921dda69be9be6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENiMg6nhvJsJsiEu-A3vpj4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 342 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame C13C Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB&dcc=t	43 B 855 B	137ms 136ms	Image image/gif	209.54.182.161 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Server 209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:07 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid NGR256CGB32J5QZ9GJT8 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:07 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid AAX9Q7400NA7R5Q4BJY0 Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame C13C	70 B 265 B	147ms 46ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type image/gif pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB pr-bh.ybp.yahoo.com/sync/casale/ Frame C13C	43 B 603 B	148ms 48ms	Image image/gif	2a05:d018:d29:3601:2eb1:fd74:c477:e429 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/casale/Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB?gdpr_consent=&us_privacy=&gdpr= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:d29:3601:2eb1:fd74:c477:e429 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif content-length 43
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame C13C Redirect Chain https://ad.turn.com/r/cs?pid=21 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3293524998071827664	43 B 766 B	75ms 25ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3293524998071827664 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:07 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 43 Expires 0 Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3293524998071827664 pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	ix ad4m.at/ad/sim/ Frame C13C	0 0	351ms 121ms	Image text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad4m.at/ad/sim/ix Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers
GET		indexexchange sync.adotmob.com/cookie/ Frame C13C	0 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame C13C Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y0cQWwABVfxeiAA1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0cQWwABVfxeiAA1&_test=Y0cQWwABVfxeiAA1	43 B 766 B	35ms 24ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0cQWwABVfxeiAA1&_test=Y0cQWwABVfxeiAA1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:07 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers x-served-by cache-hhn4062-HHN pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT via 1.1 varnish server Varnish x-timer S1665601627.389105,VS0,VE0 x-cache HIT location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0cQWwABVfxeiAA1&_test=Y0cQWwABVfxeiAA1 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	setuid sync.quantumdex.io/ Frame C13C	43 B 94 B	113ms 113ms	Image image/gif	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=Y0cQWeciPsd7rLV1ZcanaQAAFHMAAAAB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 75921dda0d38926d-FRA content-length 43 content-type image/gif
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 58C4	31 KB 10 KB	42ms 42ms	Script text/html	23.205.235.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-235-133.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 12 Oct 2022 19:07:07 GMT Content-Encoding gzip Last-Modified Thu, 15 Sep 2022 22:38:47 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28283 Connection keep-alive Content-Length 9421 Expires Thu, 13 Oct 2022 02:58:30 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 58C4	284 B 536 B	108ms 24ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost 4b510f0cc5fcbc9800016ef543086418 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame FAD9 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&cid=7FAD1F41-9AB7-432A-8BEA-DE416CED9588 https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FAD1F41-9AB7-432A-8BEA-DE416CED9588	35 B 477 B	33ms 33ms	Document image/gif	37.157.6.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FAD1F41-9AB7-432A-8BEA-DE416CED9588 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform content-type image/gif date Wed, 12 Oct 2022 19:07:07 GMT expires -1 pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains Redirect headers access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform content-length 0 date Wed, 12 Oct 2022 19:07:07 GMT expires -1 location https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7FAD1F41-9AB7-432A-8BEA-DE416CED9588 pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame ED2A Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2172817844122876230	0 74 B	36ms 35ms	Document text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2172817844122876230 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, private content-encoding gzip content-type text/html; charset=utf-8 date Wed, 12 Oct 2022 19:07:07 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers content-length 0 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2172817844122876230 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H2	502	Pug Show response simage2.pubmatic.com/AdServer/ Frame 744F Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4d236347-105b-4700-b408-14c60e70273e&gdpr=0&gdpr_consent=	568 B 650 B	90ms 26ms	Document text/html	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4d236347-105b-4700-b408-14c60e70273e&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 568 content-type text/html; charset=UTF-8 date Wed, 12 Oct 2022 19:07:06 GMT server nginx Redirect headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Length 0 Content-Type image/gif Date Wed, 12 Oct 2022 19:07:07 GMT Expires Wed, 12 Oct 2022 19:07:06 GMT Keep-Alive timeout=360 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Server MT3 4539 98cc2da master zrh-pixel-x26 config:1.0.0 location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4d236347-105b-4700-b408-14c60e70273e&gdpr=0&gdpr_consent=
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame 25CC	43 B 364 B	103ms 36ms	Document image/gif	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-type image/gif cross-origin-resource-policy cross-origin date Wed, 12 Oct 2022 19:07:06 GMT expires Wed, 12 Oct 2022 00:00:00 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" pragma no-cache server Kestrel server-processing-duration-in-ticks 7302212 strict-transport-security max-age=31536000; preload; x-errorlevel 0
GET H/1.1	200 OK	dcm Show response aax-eu.amazon-adsystem.com/s/ Frame 071F Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FAD1F41-9AB7-432A-8BEA-DE416CED9588&redir=true&gdpr=0&gdpr_consent= https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FAD1F41-9AB7-432A-8BEA-DE416CED9588&redir=true&gdpr=0&gdpr_consent=&dcc=t	43 B 855 B	201ms 200ms	Document image/gif	52.94.223.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FAD1F41-9AB7-432A-8BEA-DE416CED9588&redir=true&gdpr=0&gdpr_consent=&dcc=t Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Wed, 12 Oct 2022 19:07:07 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid 5AX18S0M5YXHPBDT0NJA Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Wed, 12 Oct 2022 19:07:07 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7FAD1F41-9AB7-432A-8BEA-DE416CED9588&redir=true&gdpr=0&gdpr_consent=&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid CSRDDBAK5TJH0HYBB0SP
GET H2	200	setuid Show response sync.quantumdex.io/ Frame 25DF	43 B 94 B	124ms 122ms	Document image/gif	2606:4700:10::ac43:2ac9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=7FAD1F41-9AB7-432A-8BEA-DE416CED9588 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 75921ddabe5c926d-FRA content-length 43 content-type image/gif date Wed, 12 Oct 2022 19:07:07 GMT server cloudflare
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame DEEE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f60fQZq3QyqL6t5BbO2ViA%3D%3D https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	15 KB 15 KB	30ms 29ms	Image text/html	23.35.228.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-228-201.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers unused62 8096267 date Wed, 12 Oct 2022 19:07:07 GMT content-encoding gzip last-modified Tue, 01 Feb 2022 06:38:00 GMT server Apache/2.2.15 (CentOS) etag "1300708-3de4-5d6ef246ef4cf" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-type text/html; charset=UTF-8 cache-control max-age=56645 accept-ranges bytes content-length 5549 expires Thu, 13 Oct 2022 10:51:12 GMT Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame DEEE Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddef6347-105a-4100-a95d-86a5d0e15dab	0 179 B	134ms 35ms	Image text/plain	185.64.190.81 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddef6347-105a-4100-a95d-86a5d0e15dab Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:06 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Wed, 12 Oct 2022 19:07:07 GMT Server MT3 4539 98cc2da master zrh-pixel-x25 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddef6347-105a-4100-a95d-86a5d0e15dab P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Wed, 12 Oct 2022 19:07:06 GMT
GET H/1.1	200 OK	pixel ps.eyeota.net/ Frame DEEE Redirect Chain https://pixel.onaudience.com/?partner=214&mapped=7FAD1F41-9AB7-432A-8BEA-DE416CED9588 https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e53c04dc6d58cc22540569fc8d9687cc&gdpr=1 https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6700b78c6f9f83f7/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%... https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=6700b78c6f9f83f7/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp... https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent} https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgi... https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=933f38b33edf086c	0 344 B	112ms 23ms	Image text/plain	3.127.178.105
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=933f38b33edf086c Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol HTTP/1.1 Server 3.127.178.105 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 12 Oct 2022 19:07:08 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers location https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=933f38b33edf086c content-length 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame DEEE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0ZBRDFGNDEtOUFCNy00MzJBLThCRUEtREU0MTZDRUQ5NTg4&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	0 74 B	112ms 36ms	Image text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Wed, 12 Oct 2022 19:07:07 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame DEEE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAmhgTmUaUxsJvi-eKPwo3I&google_cver=1	0 74 B	104ms 35ms	Image text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAmhgTmUaUxsJvi-eKPwo3I&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Wed, 12 Oct 2022 19:07:07 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAmhgTmUaUxsJvi-eKPwo3I&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame DEEE	43 B 610 B	104ms 29ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 19:07:07 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Tue, 11 Oct 2022 19:07:07 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame DEEE Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3839348173923142669	0 217 B	28ms 27ms	Image text/html	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3839348173923142669 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Wed, 12 Oct 2022 19:07:06 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods GET location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3839348173923142669 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame DEEE	70 B 264 B	48ms 47ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type image/gif pragma no-cache date Wed, 12 Oct 2022 19:07:07 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame DEEE Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7333233203735645268&gdpr=0&gdpr_consent=	0 225 B	114ms 35ms	Image text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7333233203735645268&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Wed, 12 Oct 2022 19:07:07 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Pragma no-cache Date Wed, 12 Oct 2022 19:07:07 GMT AN-X-Request-Uuid 352ef5b9-5b43-45b6-83a0-884ceaf3e398 Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7333233203735645268&gdpr=0&gdpr_consent= Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	sync.php pixel-us-east.rubiconproject.com/exchange/ Frame 58C4	0 239 B	495ms 112ms	Image image/gif	8.43.72.97
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 8.43.72.97 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost a414d61fde5a538d1bc5c621aec59518 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sync.adotmob.com

URL

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d