send-anywhere.com Open in urlscan Pro
13.225.78.95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sendanywhe.re/LZERUAA6
Effective URL:
https://send-anywhere.com/web/downloads/LZERUAA6
Submission Tags: falconsandbox
Submission: On February 14 via api (February 14th 2023, 10:23:27 pm UTC) from US — Scanned from DE

Summary HTTP 312 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 60 IPs in 13 countries across 60 domains to perform 312 HTTP transactions. The main IP is 13.225.78.95, located in United States and belongs to AMAZON-02, US. The main domain is send-anywhere.com. The Cisco Umbrella rank of the primary domain is 101760.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on January 11th 2023. Valid for: a year.

This is the only time send-anywhere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.224.189.38 13.224.189.38	16509 (AMAZON-02) (AMAZON-02)
1 18	13.225.78.95 13.225.78.95	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.225.78.123 13.225.78.123	16509 (AMAZON-02) (AMAZON-02)
1	23.37.54.90 23.37.54.90	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	110.93.147.30 110.93.147.30	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.138.17.48 108.138.17.48	16509 (AMAZON-02) (AMAZON-02)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
13	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6812:1a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	54.218.234.75 54.218.234.75	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
4	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
22 47	193.108.153.18 193.108.153.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	52.29.59.149 52.29.59.149	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1	52.29.63.1 52.29.63.1	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	64.227.70.247 64.227.70.247	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	69.20.43.192 69.20.43.192	27357 (RACKSPACE) (RACKSPACE)
5 5	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
25	146.20.128.166 146.20.128.166	27357 (RACKSPACE) (RACKSPACE)
5 5	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
5 5	52.87.37.104 52.87.37.104	14618 (AMAZON-AES) (AMAZON-AES)
31	146.20.132.191 146.20.132.191	27357 (RACKSPACE) (RACKSPACE)
2	18.138.227.164 18.138.227.164	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:dc00:13:8224:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
11	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:5600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	44.233.72.180 44.233.72.180	16509 (AMAZON-02) (AMAZON-02)
2 2	3.69.181.182 3.69.181.182	16509 (AMAZON-02) (AMAZON-02)
5 11	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
7	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
6	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 2	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
1	108.128.57.95 108.128.57.95	16509 (AMAZON-02) (AMAZON-02)
2 2	35.201.96.126 35.201.96.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.111 185.64.189.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.190.89 185.64.190.89	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:10:... 2606:4700:10::6816:1857	() ()
312	60

1 13.224.189.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-38.fra2.r.cloudfront.net

sendanywhe.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.225.78.95 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-95.fra2.r.cloudfront.net

send-anywhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-123.fra2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.54.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-54-90.deploy.static.akamaitechnologies.com

wcs.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.93.147.30 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

wcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-48.fra56.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.234.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-234-75.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

send-anywhere.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 193.108.153.18 (Frankfurt am Main, Germany) 22 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.59.149 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-59-149.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.63.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-63-1.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.70.247 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-15.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.214.223.115 (Groningen, Netherlands) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 146.20.128.166 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.164.11 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.87.37.104 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-37-104.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 146.20.132.191 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.138.227.164 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-227-164.ap-southeast-1.compute.amazonaws.com

file-18-138-227-164.send-anywhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:dc00:13:8224:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d4a553n24khrv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:5600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.72.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-72-180.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.181.182 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-182.eu-central-1.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.208.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.233 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.233 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.216 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.57.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-57-95.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (None, )

ASN- ()

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	lkqd.net ad.lkqd.net — Cisco Umbrella Rank: 23391 v.lkqd.net — Cisco Umbrella Rank: 16313 cs.lkqd.net — Cisco Umbrella Rank: 3373 t.lkqd.net — Cisco Umbrella Rank: 18908	292 KB
59	stickyadstv.com 22 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 683 cdn.stickyadstv.com — Cisco Umbrella Rank: 5864	886 KB
22	pubmatic.com vpaid.pubmatic.com — Cisco Umbrella Rank: 5343 ads.pubmatic.com — Cisco Umbrella Rank: 490 image6.pubmatic.com — Cisco Umbrella Rank: 777 simage2.pubmatic.com — Cisco Umbrella Rank: 702 image2.pubmatic.com — Cisco Umbrella Rank: 1033 aud.pubmatic.com — Cisco Umbrella Rank: 5288 vid.pubmatic.com — Cisco Umbrella Rank: 8940 st.pubmatic.com — Cisco Umbrella Rank: 1144 image4.pubmatic.com Failed	158 KB
22	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 195 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 224	168 KB
20	send-anywhere.com 1 redirects send-anywhere.com — Cisco Umbrella Rank: 101760 file-18-138-227-164.send-anywhere.com	4 MB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144	225 KB
10	adform.net 3 redirects adx.adform.net — Cisco Umbrella Rank: 4048 c1.adform.net — Cisco Umbrella Rank: 621	5 KB
8	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 297 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 986	4 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 421	129 KB
7	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 340	2 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1255 q.stripe.com — Cisco Umbrella Rank: 8027 m.stripe.com — Cisco Umbrella Rank: 1235	109 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2100 ekr.zdassets.com — Cisco Umbrella Rank: 2417	367 KB
5	stackadapt.com 5 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 700	2 KB
5	turn.com 5 redirects ad.turn.com — Cisco Umbrella Rank: 843	2 KB
5	loopme.me 5 redirects csync.loopme.me — Cisco Umbrella Rank: 977	1 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 126 region1.analytics.google.com — Cisco Umbrella Rank: 4098 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 85	23 KB
4	zendesk.com send-anywhere.zendesk.com	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	288 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	225 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 309	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5268 adservice.google.de — Cisco Umbrella Rank: 7767	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	123 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 4802	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4740	558 B
2	fwmrm.net 2 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3322	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1317	16 KB
2	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 17828	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5244	750 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 41	20 KB
2	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 23028 a.vidoomy.com — Cisco Umbrella Rank: 2837	6 KB
2	cloudfront.net d31qbv1cthcecs.cloudfront.net d4a553n24khrv.cloudfront.net	475 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	113 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	2 KB
1	zeotap.com mwzeom.zeotap.com	382 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 792	613 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 813	266 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2528	553 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 701	588 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 715	363 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 494	725 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 18084	586 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 342	239 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 668	312 B
1	servedby-buysellads.com m.servedby-buysellads.com — Cisco Umbrella Rank: 27497	15 KB
1	naver.com wcs.naver.com — Cisco Umbrella Rank: 33855	679 B
1	naver.net wcs.naver.net — Cisco Umbrella Rank: 28614	7 KB
1	sendanywhe.re 1 redirects sendanywhe.re	267 B
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	yahoo.com Failed pr-bh.ybp.yahoo.com Failed
0	sportradarserving.com Failed a.sportradarserving.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	audrte.com Failed a.audrte.com Failed
0	semasio.net Failed uipglob.semasio.net Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	adition.com Failed dsp.adfarm1.adition.com Failed
0	adnxs.com Failed ib.adnxs.com Failed
0	alexametrics.com Failed certify.alexametrics.com Failed
312	60

	Domain	Requested by
47	ads.stickyadstv.com	22 redirects send-anywhere.com ad.lkqd.net cdn.stickyadstv.com
31	t.lkqd.net	ad.lkqd.net
25	cs.lkqd.net	ad.lkqd.net
18	send-anywhere.com	1 redirects send-anywhere.com
12	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
11	cm.g.doubleclick.net	5 redirects
10	v.lkqd.net	ad.lkqd.net
10	ad.lkqd.net	send-anywhere.com ad.lkqd.net
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net 8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com send-anywhere.com tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net send-anywhere.com 8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com
8	cdn.cookielaw.org	send-anywhere.com cdn.cookielaw.org
7	match.adsrvr.org	ads.pubmatic.com
7	pagead2.googlesyndication.com	send-anywhere.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	s.amazon-adsystem.com
6	vpaid.pubmatic.com	ad.lkqd.net
6	adx.adform.net	ad.lkqd.net
6	static.zdassets.com	send-anywhere.com static.zdassets.com
5	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
5	sync.srv.stackadapt.com	5 redirects ads.pubmatic.com
5	ad.turn.com	5 redirects
5	csync.loopme.me	5 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	send-anywhere.zendesk.com	static.zdassets.com
4	www.facebook.com	send-anywhere.com
4	connect.facebook.net	send-anywhere.com connect.facebook.net
3	q.stripe.com	send-anywhere.com
3	8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net send-anywhere.com
3	x.bidswitch.net	3 redirects
3	js.stripe.com	send-anywhere.com js.stripe.com
3	www.googletagservices.com	send-anywhere.com securepubads.g.doubleclick.net 8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com
2	visitor.fiftyt.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	image6.pubmatic.com	ads.pubmatic.com
2	1f2e7.v.fwmrm.net	2 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	file-18-138-227-164.send-anywhere.com	send-anywhere.com
2	cdn4.buysellads.net	send-anywhere.com
2	pool.admedo.com	2 redirects
2	www.google.com	send-anywhere.com tpc.googlesyndication.com
2	www.google.de	send-anywhere.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com send-anywhere.com
2	www.googletagmanager.com	send-anywhere.com www.googletagmanager.com
2	cdnjs.cloudflare.com	send-anywhere.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	st.pubmatic.com
1	vid.pubmatic.com	vpaid.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	m.stripe.com	m.stripe.network
1	d4a553n24khrv.cloudfront.net	send-anywhere.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	srv.buysellads.com	m.servedby-buysellads.com
1	pixel.rubiconproject.com	send-anywhere.com
1	a.vidoomy.com	send-anywhere.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	send-anywhere.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	m.servedby-buysellads.com	send-anywhere.com
1	ads.vidoomy.com	send-anywhere.com
1	d31qbv1cthcecs.cloudfront.net	send-anywhere.com
1	wcs.naver.com	send-anywhere.com
1	ekr.zdassets.com	static.zdassets.com
1	wcs.naver.net	send-anywhere.com
1	apis.google.com	send-anywhere.com
1	sendanywhe.re	1 redirects
0	pixel-sync.sitescout.com Failed	ads.pubmatic.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	image4.pubmatic.com Failed	ads.pubmatic.com
0	pr-bh.ybp.yahoo.com Failed	ads.pubmatic.com
0	a.sportradarserving.com Failed	ads.pubmatic.com
0	cr.frontend.weborama.fr Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	dsp.adfarm1.adition.com Failed	ads.pubmatic.com
0	ib.adnxs.com Failed	ads.pubmatic.com
0	certify.alexametrics.com Failed	send-anywhere.com
312	89

This site contains links to these domains. Also see Links.

Domain
outdatedbrowser.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
*.send-anywhere.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-11` - `2024-01-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
ssl.pstatic.net GeoTrust RSA CA 2018	`2022-09-06` - `2023-09-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
wcs.naver.com GeoTrust RSA CA 2018	`2022-07-25` - `2023-08-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
m.servedby-buysellads.com R3	`2023-01-21` - `2023-04-21`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon RSA 2048 M01	`2023-02-09` - `2023-10-12`	8 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
send-anywhere.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
ad.lkqd.net R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
cdn4.buysellads.net R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-09` - `2024-02-09`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://send-anywhere.com/web/downloads/LZERUAA6
Frame ID: 45EB3B5438993AEFB88F8FFB24F4762E
Requests: 118 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html
Frame ID: 604CF61C37CF8DC49205DE55C4FFC559
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-8c45d598650b92391c71.js
Frame ID: CE1D5DD1F57F99A5E17D4DCBE610FEC0
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 15A0CEE17A1BD23ABA572296531CDDCD
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 2D7050D85A27E58310321302AE805D5B
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C05CCB68770706CDDA1CB44144BCF27B
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 27B2FAF0D41E37AD952AF6B04FBAB23B
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B8655B4EAF151B1F3A9F18FBD5816A41
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F3E5F001206D51962A122339354B07FC
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: D6EA8F68363B5DF01545A641BC065B48
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EC58CBBD481BA99F4708AC5A938BCE32
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 63FC8BCBCCCD1E0AC84F5C921EBDD2BC
Requests: 6 HTTP requests in this frame

Frame: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3305BF997D0E0C78CC6D6788E22BAAA8
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F26C4F21C2EF59815A47C5A98E1BDD40
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1oq_9-X6weQjuLJlO1ut7bkZfpBvZMeMAdfxS1BEOLUnic_wR22Yy_ucie-U-irKICKEfZilQh480q48vs49TZF6wloqP2KiAZUfn3XOx57FVP9sTZCR4TNDpnrkTp3e2ZwCA1i5vi97IfWFCTf5h323DCdYiyDDncg8fJo-vVsBkjhwA_mbKRTdGRCIY7eFdv8SFz5X2fBnmD8htkC37lzBXGeXSjPyjDVx5i8v-H32nC5rXFF1t9lEcIQ_jj_0HNVMzd6n7zvZSyiK5RUKg71JJN1O6CuZpeG2SEbXU7KaUWWkWnyQJoszjlisVDzk-czh1xCU7Cls8zEgVKQ&sai=AMfl-YTrbKQ3J52PcPPi7y2ziMgSEe6CCPbz89Hoid46BPrRXXv3hipEzDTw2EDUmepDm6bKjKV7BmsfuaMeomp5Sar5F_87RXKLWUpzfgJlXMTSKJQhRGd4CZ1Yth7evq-_U6L8h0VrOaxttJ16CuE&sig=Cg0ArKJSzF8TvJJXOyNtEAE&uach_m=[UACH]&adurl=
Frame ID: D8ABB6186FCDD848D4E8E595FB8B2D93
Requests: 8 HTTP requests in this frame

Frame: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CECCF96B8E2378423D5F06A224D4C8E8
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 06AC4CC9B381A1F9DC7ACBAD3CF9BCAA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 018285A08EAD7F8CA37A93996DC39921
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD15B017226203B929E973CEFA786493
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CF764FEEA8E65FB743AB90A508B101F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 8973D710A5ED255B0272E380BF54A6A6
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F742E691934910046EA89AE86F7D361E
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B6B451EA932C3668C6955F500BA36B97
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 8EFBAC93F37D5894694343E2672D01C0
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7E0F96CB79E547F5EBBDF0A42287770B
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 26495E15FF559317C1F0F0436E5250CE
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12911713394159280238381015698%2C%2C
Frame ID: 80E632F2B8F427CF06F0085069900491
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 078BF9DADF9B0E2D5EE2708FF4D1042F
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=
Frame ID: 7C64DAF79447C9E0F2BB96CAAC4FBB56
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&gdpr=0&gdpr_consent=
Frame ID: 59C4A86F0FB3C13CAA0F8D6187467452
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=78574922712422947
Frame ID: 5E860DC0E92F7BE10FBC29C681E95003
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8E098D3F0FA90FE62135545AC7361409
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK
Frame ID: DEBD6C6D0FFDE27D17F55A2EFACB9433
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 85886A93CB6006CD4F6B8C830042E023
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: DDD9F58DB69019F54E2235B70A8D96DE
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 20CD48621D6637E41013EA56A349B5DC
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D903A36B3FA005F7E3EA0B28EB354890
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 68D9F0B953D6F12C9C1ED81FCA3261F7
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 17BD3D0442EC413A1EDFCF76D1EC2133
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 49B17C50BEED25A5028F3CD911A23BB8
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C7034039724648447736264347821%2C%2C
Frame ID: A1B33CA86D89F9F07CB8F8A511D17F14
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DF900B5705A80212F6BDA408489E31A4
Requests: 11 HTTP requests in this frame

Frame: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 63A08CCD6711B74F72ABE5A3108F5502
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: 6F6DDC7F5D3F028546DD4CA83776AF4B
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: EBAB886A35445C567CBD4B78368CB6A4
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: FB8A7BC6366BF254D31882C19330D28F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: DE8FB0223F55B932536CC52BAAF6D2CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Send Anywhere - File transferBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://sendanywhe.re/LZERUAA6 HTTP 302
https://send-anywhere.com/web/link/LZERUAA6 HTTP 302
https://send-anywhere.com/web/downloads/LZERUAA6 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

312
Requests

77 %
HTTPS

34 %
IPv6

60
Domains

89
Subdomains

60
IPs

13
Countries

7732 kB
Transfer

13665 kB
Size

64
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://outdatedbrowser.com/
Title: Update Browser

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sendanywhe.re/LZERUAA6 HTTP 302
https://send-anywhere.com/web/link/LZERUAA6 HTTP 302
https://send-anywhere.com/web/downloads/LZERUAA6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=701021404.03672861987877717.5171694 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=701021404.03672861987877717.5171694 HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=fc5c437b-669f-4f9a-9917-8fb033ba92c7 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=fc5c437b-669f-4f9a-9917-8fb033ba92c7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3b95e7c9-aed3-4b82-b2dd-75555c344be4&user_group=1&ssp=vidoomy&bsw_param=fc5c437b-669f-4f9a-9917-8fb033ba92c7 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fc5c437b-669f-4f9a-9917-8fb033ba92c7

Request Chain 74

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c95a6b68-42a1-4643-abf4-fa86d19fa456

Request Chain 77

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7125261899886800520

Request Chain 78

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw

Request Chain 79

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b01b76e6-64be-45c6-a7c8-c9f6ca189072

Request Chain 82

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

Request Chain 83

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw

Request Chain 95

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=409f1302-c5e4-4648-a7e9-7d214d3e6097

Request Chain 98

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

Request Chain 99

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw

Request Chain 161

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f21ebabd0c87d5fb691de87209b1951&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1073_7200140736166978176&gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMEGEK1EaQ0DclaLaQP_Dvc&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 164

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 165

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 170

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f21ebabd0c87d5fb691de87209b1951&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1073_7200140736166978176&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 174

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 176

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 182

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMEGEK1EaQ0DclaLaQP_Dvc&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 186

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 188

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 199

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw

Request Chain 200

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=39ed9947-8fa4-43de-a41f-1de53541b097

Request Chain 203

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

Request Chain 223

https://c1.adform.net/serving/cookie/match?party=14&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=

Request Chain 224

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&gdpr=0&gdpr_consent=

Request Chain 225

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=78574922712422947

Request Chain 227

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK

Request Chain 228

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wUPGfliXTDe2-AXPc14a2Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 230

https://pixel.onaudience.com/?partner=214&mapped=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e8e3a59b09d0621b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 231

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&addseg=19,36,42

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE0M0M2N0UtNTg5Ny00QzM3LUI2RjgtMDVDRjczNUUxQUQ5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcj-ooHLjW3Mn4cMEco__U&google_cver=1

Request Chain 235

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5300975818534935871

Request Chain 244

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 248

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 250

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 254

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 260

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 262

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 266

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

Request Chain 270

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 272

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 282

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=2e2e0624-630e-437d-92e8-eaa054541cb1

Request Chain 285

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

Request Chain 286

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw

Request Chain 303

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D

Request Chain 311

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=924759426

Request Chain 312

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Request Chain 314

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L0VubalE2uUCfOcanlraflIjCsZTs2U-~A&gdpr=0

312 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request LZERUAA6 Show response
send-anywhere.com/web/downloads/
Redirect Chain

https://sendanywhe.re/LZERUAA6
https://send-anywhere.com/web/link/LZERUAA6
https://send-anywhere.com/web/downloads/LZERUAA6

9 KB
10 KB

302ms
301ms

Document
text/html

13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-95.fra2.r.cloudfront.net

Software

nginx/1.16.1 /

Resource Hash

06249d9975c974f035ec22c9962229039e76203f034e19ccb939008c8a10ebff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 9344
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 22:23:20 GMT
etag: W/"2480-FauHwl4wbuEV3IpAWx626WEnPQc"
server: nginx/1.16.1
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-id: 0AU5yYJo5EVVzoIxWbgMafKerba86rh7xxlQvUXrkiCloHP1KI1UfA==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 140
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 22:23:20 GMT
location: https://send-anywhere.com/web/downloads/LZERUAA6
server: nginx/1.16.1
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-id: hqp2gtwDyJzdnlGVNc7lr_EDqn-euXA-HNLtgEMz_uJyC4kRKWWscA==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 font.1676234568000.css
send-anywhere.com/assets/css/base/ 2 KB
2 KB 12ms
10ms Stylesheet
text/css 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/css/base/font.1676234568000.css?ut=811280
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 7a37a7dd846a0e0b60dc7aafbecabe405c2d83f7a2185d1b36fc6c5ba6770eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 05:51:30 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2023 17:47:18 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 145909
etag: "63e92626-872"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2162
x-amz-cf-id: r4rUJlMgaY179aEl_hE862AsiJ0ZlONdfWbCdGhPjztGgUUdZBus1A==
expires: Tue, 13 Feb 2024 05:51:30 GMT

GET
H2 200 font-roboto.1676234568000.css
send-anywhere.com/assets/css/base/ 656 B
1014 B 13ms
10ms Stylesheet
text/css 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/css/base/font-roboto.1676234568000.css?ut=811280
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 8e8b5a0b4e50196e99b823f22a7ed11b3408e2169f44ecfbc09738f1ee6c6b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 05:51:31 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2023 17:47:18 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 145909
etag: "63e92626-290"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 656
x-amz-cf-id: m75tDf1EokITzFT8jYqkcduchb85JFG-LmnXndyYAkje9lT5onwNDA==
expires: Tue, 13 Feb 2024 05:51:31 GMT

GET
H2 200 font-awesome.min.1676234568000.css
send-anywhere.com/assets/css/base/ 30 KB
31 KB 13ms
10ms Stylesheet
text/css 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/css/base/font-awesome.min.1676234568000.css?ut=811280
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 3d721e8b87d0aa3f3a7d7fe2ed9a49da6c5a47cb2977c16a32ea87be19eb237d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 05:51:31 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2023 17:47:18 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 145909
etag: "63e92626-7978"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31096
x-amz-cf-id: 16EQOdIHrohUuTJ4G6hwfaWsiBxsVMsff5TF_gUebHjNX-SLubSHDw==
expires: Tue, 13 Feb 2024 05:51:31 GMT

GET
H2 200 sa-icon-font.1676234568000.css
send-anywhere.com/assets/css/base/ 8 KB
8 KB 14ms
11ms Stylesheet
text/css 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/css/base/sa-icon-font.1676234568000.css?ut=811280
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 378df85808f18992a02c729575753613d1e35facf9a65abaa9af181b434fa828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 05:51:31 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2023 17:47:18 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 145909
etag: "63e92626-1f98"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8088
x-amz-cf-id: nAkK4sp-qEbUUf6-3dA5vpwU7MrXILiLxYmxausma3WDpOr57GBWDg==
expires: Tue, 13 Feb 2024 05:51:31 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
1 KB 32ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5277790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 382
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydLUb4v3i%2B7OQEQaG7gPZ54HzgCcd3tVqpp%2BxIN8uy2FM8c4mNklq7vRk0LdF4X%2BnZ%2FL0RDXOXkosTHkArv%2BVDbisCUHWhHnz26hSGOtxrOfOZht3LDmJ54aalpkdkoUcjd8AusBQI0YbstGA53uCjww"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79993528e80c8fdd-FRA
expires: Sun, 04 Feb 2024 22:23:20 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 32ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 18062087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 637
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTGQM87hWyBmQ1xAjk2gwe40Z%2FxZKP0xdJRyvnH8IEKM4%2FfrFX2gwSoXM%2FY%2FchNUNMzhN%2FuCjbxNpGZHAc095Rq147y9FMe2Nu1zWDaNS%2FSlAja0l%2FekdY8bfIBv93NVdDZEyAuU2TnBUWbaTjRHwqWC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79993528e80d8fdd-FRA
expires: Sun, 04 Feb 2024 22:23:20 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 73ms
50ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 22:23:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d180a2ced31e8f24"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:23:20 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 74ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62078c9887750aa2191f6fa53bbef9af30d070f1980cefb7cdc039cbae1d5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27301
x-xss-protection: 0
server: sffe
etag: "1483 / 153 of 1000 / last-modified: 1676376346"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Feb 2023 22:23:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 72ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

184eaa8803f1aa2d61427b96a3b7b34d25f352f4b9cf3ba38417d96ab37d30c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49784
x-xss-protection: 0
server: cafe
etag: 18344739296658240993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:23:20 GMT

GET
H2 200 criteo.1676234570000.js Show response
send-anywhere.com/assets/js/ 75 KB
75 KB 12ms
10ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/js/criteo.1676234570000.js?ut=811280
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 05:52:20 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2023 20:42:50 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 145860
etag: "63e94f4a-12b96"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76694
x-amz-cf-id: gwgfYfzS_3z0hNepv3ACKs1gehMKWikxzJZmMR9dtRK3ISp44kTosQ==
expires: Tue, 13 Feb 2024 05:52:20 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 62ms
28ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=877461a8-d910-4224-a4ad-2cbdc3192800

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0TDKP0VTQD7HDNWK
age: 51
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: L68qQWHWjMsHxRe3r+QXmoihMoTRkKnyUgZhOIc7+WjQYh8MHviOvpUUssuW6FCAEnNkXWl0r+Q=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALXwuopvpJERlUierqeQYG64sP8rB1tt1hU0j%2Fcbf7C7u9yz1Vq1%2Bq2Y3Uc93VIGlh5e6xVeM%2FryrbmXfeqKV4%2BweeVvZ0z2HanK32XLQs%2BhDcBW1xhtIwbbLMhGFwtyAgC2MQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 799935290c6f35ee-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 437 KB
105 KB 49ms
8ms Script
text/javascript 13.225.78.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-123.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e861595fa7024f9db1f207582d5d79149e244e4118e7c71975a6c816e9dd5922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 22:22:26 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 55
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 21:54:55 GMT
server: Cloudfront
etag: W/"c581f2125aefc6abf71e57ed1ac7411d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: V504u9P5vmAkEin6aneo65E77KICCEWwHDcoBaNEqkN6aGdTl9I7RQ==

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 20 KB
7 KB 109ms
12ms Script
application/javascript 23.37.54.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.37.54.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-54-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 82e8f97388db2fde014004e7eb310df127012d3b2a397d98c1e6fe47a5bcd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 02:08:57 GMT
Server: nginx
ETag: "62a7edb9-4e9c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3110
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6834
Expires: Tue, 14 Feb 2023 23:15:10 GMT

GET
H2 200 header.1676234570000.js Show response
send-anywhere.com/assets/js/ 2 KB
2 KB 14ms
12ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/js/header.1676234570000.js?ut=811280
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 740a65e5b0603f86e0939ab4e9e3ae835a8bdbaf75424a91757420570c22d2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 05:51:31 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 12 Feb 2023 17:47:18 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 145909
etag: "63e92626-804"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2052
x-amz-cf-id: 46yhTu4o_-uB0nNw8ZYtQslXhKgLmKXq1SO5uzL9jAwNvOpdEuRx6A==
expires: Tue, 13 Feb 2024 05:51:31 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 63ms
28ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
age: 82794
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8384
x-ms-lease-status: unlocked
last-modified: Fri, 10 Feb 2023 03:28:04 GMT
server: cloudflare
etag: 0x8DB0B16D258C856
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a23485b4-001e-0134-03ad-3d311b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 799935290e919a18-FRA

GET
H2 200 vendor.22b62a39.js Show response
send-anywhere.com/static/js/ 2 MB
2 MB 12ms
11ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/static/js/vendor.22b62a39.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: fea5977fe69a13838d8c6df5869751e0baaa5b7c45a54531b02aa8df7a4e1549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 04:33:31 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 05 Feb 2023 19:22:08 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 755389
etag: "63e001e0-1a4c81"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1723521
x-amz-cf-id: -68UcKoBN3IeBMcC25DGP95uaMKk4stbIvkdv0e6VeXX5Wx3fxnTDQ==
expires: Tue, 06 Feb 2024 04:33:31 GMT

GET
H2 200 app.027f5e07.js Show response
send-anywhere.com/static/js/ 2 MB
2 MB 13ms
11ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/static/js/app.027f5e07.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 7bc793f2ef02cc9c06ef8e06852b3f50556d4d7336b2e59fc1de0ad1fa830bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 04:31:13 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 05 Feb 2023 19:22:08 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 755526
etag: "63e001e0-25df66"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2482022
x-amz-cf-id: mDTaXPtv5Jg2OIbuTQEZ8aYY8NSJ7VUAugbuxQaCofiCRmrNznWxWA==
expires: Tue, 06 Feb 2024 04:31:13 GMT

GET
H2 200 877461a8-d910-4224-a4ad-2cbdc3192800 Show response
ekr.zdassets.com/compose/ 359 B
1 KB 224ms
191ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/877461a8-d910-4224-a4ad-2cbdc3192800

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=877461a8-d910-4224-a4ad-2cbdc3192800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53e297669e649405941162ef3af800c2267a85450cc6f033c325336b010151a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7992f9036ea01627-SEA, 7992f9036ea01627-SEA
x-runtime: 0.002468
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"53e297669e649405941162ef3af800c2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6rhbHxfm3ohpznjj%2FZf%2B7OJ5kb9VuPwCUgBLQx05xvSCaGAeiLRaMogUH%2Be6wYaP%2FCte%2F64s9Ls3OY5EsrqfJae%2Bk1NbvvwyzcwHee1B28ReiNY%2FjPDu4Cw6G6TEPBPlbQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 799935298b5a9a0f-FRA

GET
H2 200 m
wcs.naver.com/ 43 B
679 B 1023ms
252ms Image
image/gif 110.93.147.30
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wcs.naver.com/m?u=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&e=&wa=ce4000b198d5a0&bt=-1&os=Win32&ln=en-US&sr=1600x1200&bw=1600&bh=1200&c=24&j=N&jv=1.8&k=Y&ct=&cs=UTF-8&tl=Send%2520Anywhere&vs=0.8.6&nt=1676413400561&EOU

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
47 KB 40ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQWTW75

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/assets/js/header.1676234570000.js?ut=811280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22f04546bac45019036a5f352b5fef530992effadf84b2c1ffc62e27ddb7a22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47449
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Feb 2023 22:23:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/assets/js/header.1676234570000.js?ut=811280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

406a19658aa4d2360fdb055b2de79f5738828c20efdd64c8932ad8c907d43684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 22:23:20 GMT
content-md5: Yu3N9C4/KW1Rbo85b8BuoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: LBmGg6Aj/j34droD7UDhIN6t5jHs7BCISl7fXsxc4rLu4UjUFho+UOzmKVmy2BLF53SoosJ+JZ8fqnB9D5rD8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
x-fb-content-md5: cbd36d3f45a3918e8e17f1a7a7cfbd8e
cross-origin-opener-policy: same-origin-allow-popups
etag: "17cc7821d687a2a502efa9d7769867c6"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 14 Feb 2023 22:29:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 36ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/assets/js/header.1676234570000.js?ut=811280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 22:23:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bpeh+YaEopcjqG85261eVodu/IDKkjLxZtvr6Q7MTTlngHnx7KMI40kGStpQjt/iwQcpGZB3sfl6BFeVIsP4gQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 33ms
6ms Script
application/javascript 108.138.17.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/assets/js/header.1676234570000.js?ut=811280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-48.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding: gzip
Via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 13810407
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: 66U_UhY351GPni_i6iZKPGtY2-mr1KujCsOAm6XaAKNu6LIjFdDtpg==

GET
H2 200 a47bec7a-41fc-4cfb-a74c-2438233907e5.json Show response
cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/ 4 KB
2 KB 29ms
16ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/a47bec7a-41fc-4cfb-a74c-2438233907e5.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff2772fb1b6b2dd981639a32d57e8d79a75cf4c26d422208a652193404179f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JhuOxFCiLxWzy6pDNNauVw==
age: 2046
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1568
x-ms-lease-status: unlocked
last-modified: Wed, 18 May 2022 04:52:58 GMT
server: cloudflare
etag: 0x8DA388A47B6BCE0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fdfbced7-b01e-0126-5079-6a0507000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79993529a8cebbaf-FRA
expires: Wed, 15 Feb 2023 22:23:20 GMT

GET
H/1.1 200
OK send-anywhere_16293.js Show response
ads.vidoomy.com/ 5 KB
5 KB 363ms
131ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/send-anywhere_16293.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/static/js/app.027f5e07.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 123d1a72aad66a296c9eb53058fb1b2c1537c4c582745c5f23aac661f253c05e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:21 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 4803

GET
H2 200 monetization.js Show response
m.servedby-buysellads.com/ 66 KB
15 KB 389ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/static/js/app.027f5e07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 0114ab589ce42ed402ce67254aa06f725f6b53e4a04d2f79b4b01fc92501dcf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
x-sp-metadata: HS256.COmvsJ8GEogBCiRlZWUyYTgyZi1jNWNmLTRhMTgtOTA5NS1kYTllM2I5NTBhMzgQ0KW+ltjY/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCis2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDU1Y2FhYzAwLTNmZjAtNGFjMC04NmFiLWQ3YWZiMDM5OWQ0NBizcyIYCAISFGNkczA1My5sbzQuaHdjZG4ubmV0.q3ItwNdxVtWuE6K9fihnyWm1K5VaRWnYm3pGaGoezwk=
last-modified: Fri, 03 Jun 2022 18:18:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1654280297/ctime:1654280295/gid:1000/gname:nathan/md5:4896c8077f50520418d4d1ab293b6545/mode:33204/mtime:1654280295/uid:1000/uname:nathan
x-amz-request-id: SQT94D19MRKVD0XB
etag: "4896c8077f50520418d4d1ab293b6545"
x-hw: 1676413401.cds036.lo4.hn,1676413401.cds053.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2779
accept-ranges: bytes
content-length: 14771
x-amz-id-2: nE02xfhfHA4dCGEsGQuRScYJ/3JYFJY/hz3vcPfaiJemv75316flvSdgu8cSTIiMpc9QzwRdt2c=

GET
H2 200 logo.40d00b5a.png
send-anywhere.com/static/media/ 11 KB
11 KB 9ms
9ms Image
image/png 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://send-anywhere.com/static/media/logo.40d00b5a.png
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 595ce98672716d048593078a59735472c0dbb39a3dfc5851ff5cb42fc11b3f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 14:31:42 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Sun, 05 Feb 2023 19:22:08 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 373898
etag: "63e001e0-2b6d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11117
x-amz-cf-id: lFbOmaDFZ01JEpnVScvWPfoGixrCTQQM5FHCs1Fai4G1ve7Ggxj1yA==
expires: Sun, 12 Mar 2023 14:31:42 GMT

POST
H2 200 device Show response
send-anywhere.com/web/ 138 B
798 B 325ms
325ms XHR
application/json 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://send-anywhere.com/web/device

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/static/js/vendor.22b62a39.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-95.fra2.r.cloudfront.net

Software

nginx/1.16.1 /

Resource Hash

221192bd0ad42a7db77edd2aaa5cbb4a3b0fee10d107f953f42c9d5e5b47f102

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 138
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"8a-6p2dqGhy1FsKhYI1uIkPgKGeg/I"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: X-HTTP-Method-Override
content-type: application/json; charset=utf-8
cache-control: no-cache
x-amz-cf-id: FyN8Q_wJbru0LPjVU_IgaH66aWl4AHJZzxAT4GigeEhHhNdrT6CiHw==

GET
H2 200 SA-Icon.ttf
send-anywhere.com/assets/font/sa_icon_font/ 31 KB
31 KB 10ms
9ms Font
application/octet-stream 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/font/sa_icon_font/SA-Icon.ttf?ut=ianojr
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/assets/css/base/sa-icon-font.1676234568000.css?ut=811280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: a155f769a1430ac17a509c17f6533092f7fd99b889b3d4cf6c0bc431c22326d8

Request headers

Referer: https://send-anywhere.com/assets/css/base/sa-icon-font.1676234568000.css?ut=811280
Origin: https://send-anywhere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 00:14:18 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 20:01:10 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 770942
etag: "63617b06-7a04"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31236
x-amz-cf-id: u52hKDXIe5u7LnoVMHCDgms7iHykfQIgM5ZSWdBVMRu5qHjw_4jzjQ==
expires: Tue, 06 Feb 2024 00:14:18 GMT

GET
H2 200 roboto-400.woff
send-anywhere.com/assets/font/roboto/ 19 KB
20 KB 32ms
32ms Font
font/woff 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/font/roboto/roboto-400.woff
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/assets/css/base/font-roboto.1676234568000.css?ut=811280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

Request headers

Referer: https://send-anywhere.com/assets/css/base/font-roboto.1676234568000.css?ut=811280
Origin: https://send-anywhere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 02:37:53 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 17:10:14 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 17005527
etag: "62e808f6-4d70"
x-cache: Hit from cloudfront
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19824
x-amz-cf-id: ZVRstFT-swAXsggH1FhJDQjk0deVKkudS9s-g3LCFQpvA6L52jP6AA==
expires: Wed, 02 Aug 2023 02:37:53 GMT

GET
H2 200 roboto-700.woff
send-anywhere.com/assets/font/roboto/ 19 KB
20 KB 9ms
8ms Font
font/woff 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/font/roboto/roboto-700.woff
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/assets/css/base/font-roboto.1676234568000.css?ut=811280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 468e579fe1210fa55525b1c470ed2d1958404512a2dd4fb972cac5ce0ff00b1f

Request headers

Referer: https://send-anywhere.com/assets/css/base/font-roboto.1676234568000.css?ut=811280
Origin: https://send-anywhere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 19:31:23 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 20:01:10 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 3725517
etag: "63617b06-4db0"
x-cache: Hit from cloudfront
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19888
x-amz-cf-id: 1KG8HC45q-TBDDX_da7oH-epbBRt5c49rnfW5-oEKbfxUhDZ-9-7mw==
expires: Tue, 02 Jan 2024 19:31:23 GMT

GET
H2 200 roboto-300.woff
send-anywhere.com/assets/font/roboto/ 19 KB
20 KB 10ms
9ms Font
font/woff 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.com/assets/font/roboto/roboto-300.woff
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/assets/css/base/font-roboto.1676234568000.css?ut=811280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 3ab30e780c8b0bcc4998b838a5b30c3bfe28edead312906dc3c12271fae0699a

Request headers

Referer: https://send-anywhere.com/assets/css/base/font-roboto.1676234568000.css?ut=811280
Origin: https://send-anywhere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 05:20:25 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 20:01:10 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 1875775
etag: "63617b06-4dcc"
x-cache: Hit from cloudfront
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19916
x-amz-cf-id: M9v7Q8SY801CU-BjFMKWFZdR9OAS612SmVnILW3tJkhWD_FASxlB4g==
expires: Wed, 24 Jan 2024 05:20:25 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 51ms
23ms XHR
application/json 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://send-anywhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7999352afc0837ef-FRA
access-control-allow-headers: Content-Type

GET
H2 200 pubads_impl_2023020901.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 96ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

980c5d3f2c9d21b9c5ddd170f98a7a3f77a8e96cf2406ed205d5ce339aeabf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 12:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133132
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 09:35:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Feb 2024 12:39:55 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 106 B
616 B 117ms
42ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=send-anywhere.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6de975208beb540a48d1eba1762623b6a63496dac766ad33f7e71bc6a58ac7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
expires: Tue, 14 Feb 2023 22:23:20 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.32.0/ 335 KB
79 KB 20ms
20ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ryfZhYsqLisJEnBsOqgVsQ==
age: 82767
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 81095
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:23 GMT
server: cloudflare
etag: 0x8DA08FC76466F7A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cedddfbe-a01e-0097-5df7-3abb2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7999352b28d39a18-FRA

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4df74076f6ea6ac977a2326ceab2a9b2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0bb7968ac859bfa8a2b923fb18139d71963d4a8c13298d777230ea9b2c0cddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://send-anywhere.com/
Origin: https://send-anywhere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 22:23:20 GMT
content-md5: J77oGQnYBd3fQ9YPRxxm5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88486
x-fb-rlafr: 0
x-fb-debug: kq2PCWgT+LcZtP1HY7yjWktaOs8eJPTvY1bcN4d8VjFDgLb4vQ72Dfoo4GkWkSS3kjSYQ809vgDPQKjDDdl5+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a93e5fb545eec1d517850a693512a83f
cross-origin-opener-policy: same-origin-allow-popups
etag: "be6fb62dac94ca1193685957140cce0a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Feb 2024 17:33:02 GMT

GET atrk.gif
certify.alexametrics.com/ 0
0

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 743ms
163ms Image
text/plain 54.218.234.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.234.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-234-75.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: Server

GET
H2 200 1341760472609957 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 286ms
285ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1341760472609957?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68207dccf2ecf9ad0171618fa5c81ac381f7cb3c151831d23a070da37df76386

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 22:23:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: n90rJr3mxvjTw0qYNU1uUhQalZcDNQe4NYU4QMUAkNM1fMmMBvQP3rEW5VTi0OdTeq6R6dT5eYphnlC3nO9P9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/ Frame 604C 10 KB
5 KB 84ms
20ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 18:23:52 GMT
etag: 10353107486223812946
expires: Tue, 28 Feb 2023 18:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
21ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQWTW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 21:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4274
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Feb 2023 23:12:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
67 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQWTW75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adb28257114950cbccf3af0b94c9112fc33039d5705294df03f12cdf6f6489b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 22:23:20 GMT

GET
H2 200 web-widget-framework-8c45d598650b92391c71.js Show response
static.zdassets.com/web_widget/latest/ Frame CE1D 158 KB
49 KB 25ms
24ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-8c45d598650b92391c71.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=877461a8-d910-4224-a4ad-2cbdc3192800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36aab678d1021aaf22136cddf38e78b5862c7d14d472ebf79bfe3681604fc383

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:20 GMT
x-amz-version-id: ZVm58vv4Xph8iLXOqbV7Iicx3t7S6yNf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VSTH6BJ5G224FKYP
age: 68151
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Rt4oaBOBu+/dWempsPXauDBrNN13CPuQop2lGnLirWsljjW4nywLRLypKw0VmHnbyWAeVhUWXnM=
last-modified: Mon, 13 Feb 2023 22:35:37 GMT
server: cloudflare
etag: W/"7419564f94b03506ce085d9b759658f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqjCuog16zoo7CcZQSO6eALUscb2KBjNWM4PGoyDmCzis8BkM2CSNJUPeP%2FO4dUJlBHoubQJAW7QS0zqaX5Ssfr34VAVFrGT31Lbah399KD6Gkwt3Y%2B2yqi2OwdsBPiDz7vFbEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7999352ba81435ee-FRA
expires: Tue, 13 Feb 2024 22:35:36 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/c8fdc98c-f0d0-48d7-9583-d241c2fc6e0f/ 88 KB
18 KB 36ms
35ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/c8fdc98c-f0d0-48d7-9583-d241c2fc6e0f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c018d8bd0c23e4d9c275b42dadf171c1ae1c0f1ac4c9811d9c152e296f237831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PysLyFiCeeoBIBJlHbSokw==
age: 37974
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 18396
x-ms-lease-status: unlocked
last-modified: Wed, 18 May 2022 04:53:06 GMT
server: cloudflare
etag: 0x8DA388A4CAACD4D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 029820da-b01e-0104-437c-6a6b31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7999352bbacbbbaf-FRA
expires: Wed, 15 Feb 2023 22:23:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1333248186715658&ev=fb_page_view&dl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&rl=&if=false&ts=1676413400925&sw=1600&sh=1200&at=

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 22:23:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1333248186715658&ev=fb_page_view&dl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&rl=&if=false&ts=1676413400926&sw=1600&sh=1200&at=

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 22:23:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 37ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SHGDYFMJXL&gtm=45je32d0&_p=1141217157&_gaz=1&cid=1307713303.1676413401&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676413400&sct=1&seg=0&dl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dt=Send%20Anywhere%20-%20File%20transfer&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 52ms
17ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SHGDYFMJXL&cid=1307713303.1676413401&gtm=45je32d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 114ms
52ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SHGDYFMJXL&cid=1307713303.1676413401&gtm=45je32d0&aip=1&z=1475882940

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
send-anywhere.zendesk.com/embeddable/ Frame CE1D 552 B
1 KB 796ms
768ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8c45d598650b92391c71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f112e178e380888d1b8c1a22a61becf9db33cc04bd54c961a410bc930dba916

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-859d4684b7-6qsxv
x-cached: MISS
x-request-id: 7999352c59e89b9b-FRA
x-runtime: 0.003783
last-modified: Tue, 14 Feb 2023 21:40:58 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI0QfbwR178tQn2KirnIYnyaOvco2%2FUjR15R9e5RjLGlHcHKh%2BpKPGVzTSPUKSGA3%2BXmdmqbm9PFeuD%2BpRDz97ZFTR%2BoFm5QehgJjBqeS2ojjy%2FFZgeDN3ozsHGV%2FwJMWW0kJwZHbqiIsGg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7999352c59e89b9b-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 13 KB
3 KB 16ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8zrrRItZNMaEtuchK/ofwQ==
age: 11687
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2959
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:14 GMT
server: cloudflare
etag: 0x8DA08FC70DA836E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 37cf6f34-701e-00f8-7caf-6913fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7999352c5b4cbbaf-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/ 48 KB
12 KB 19ms
19ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uYlRueaFtS5mhOymjGWFow==
age: 11687
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11627
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:16 GMT
server: cloudflare
etag: 0x8DA08FC723EC22F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8c337377-701e-007b-64af-69b356000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7999352c5b4dbbaf-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 21 KB
4 KB 18ms
18ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
age: 58442
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 13bdb469-d01e-0172-4daf-69ef8d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7999352c5b50bbaf-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
25ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-42081347-1&cid=1307713303.1676413401&jid=26989641&gjid=1448174438&_gid=1756156818.1676413401&_u=YCDAiEABBAAAAEAAI~&z=352611461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://send-anywhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Feb 2023 22:23:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 28ms
27ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1141217157&t=pageview&_s=1&dl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&ul=en-us&de=UTF-8&dt=Send%20Anywhere%20-%20File%20transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAAAAI~&jid=26989641&gjid=1448174438&cid=1307713303.1676413401&tid=UA-42081347-1&_gid=1756156818.1676413401&gtm=45He32d0n81NQWTW75&z=1763724702

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 23:02:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84036
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 20ms
19ms Image
image/svg+xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Feb 2023 22:23:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 82795
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 03:39:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8ee1beb1-901e-0131-3eff-3fc564000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7999352cead89a18-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 111ms
45ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-42081347-1&cid=1307713303.1676413401&jid=26989641&_u=YCDAiEABBAAAAEAAI~&z=358080940

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
43ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-42081347-1&cid=1307713303.1676413401&jid=26989641&_u=YCDAiEABBAAAAEAAI~&z=358080940

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LZERUAA6 Show response
send-anywhere.com/web/key/inquiry/ 218 B
851 B 817ms
813ms XHR
application/json 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://send-anywhere.com/web/key/inquiry/LZERUAA6?_=1676413401126

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/static/js/vendor.22b62a39.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-95.fra2.r.cloudfront.net

Software

nginx/1.16.1 /

Resource Hash

6398a1f7512d45058464af4b152e8a964aa37aef399c225155b85d0f690553c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 218
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"da-61F/jgo1nToZSRAd4NLPMSqpD9g"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
x-amz-cf-id: rNM7PhusbNelPLmjgItRQKBuP7Xjcr3zXeXItoAHBqEpMCO-eJW8ZA==

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 15A0 118 KB
35 KB 101ms
23ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
x-sp-metadata: HS256.COmvsJ8GEogBCiQ5ZmE2ZDRmMS04NzZkLTQyN2EtODQ2MS1iZDdhMDYzZDkwYzEQ4LuY6t7p/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGE0YmIwNWRhLWEwOGUtNDEwZi05ZmJhLWNhOWRkYzBjY2RkZBi1lwIiGAgCEhRjZHMwMzAubG80Lmh3Y2RuLm5ldA==.XBAew5GX5m1lKD7ovWI+nSSHRxgMOjUaTiDliYFwXSg=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1676413401.cds305.lo4.hn,1676413401.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 2D70 118 KB
35 KB 109ms
41ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
x-sp-metadata: HS256.COmvsJ8GEogBCiQ4NjMzY2VmOC1kZTQyLTQ0MzMtYjQwYS1iYzQwNjFmMjhiYjkQ4LuY6t7p/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDllM2JhNmU4LTkyNTctNDExNy04ZWNiLWFkODQyOGJjMmRmNhi1lwIiGAgCEhRjZHMwMzAubG80Lmh3Y2RuLm5ldA==.tzSXCmyubzx0YArHk5vCXqNT5hXamzCygWEVsxrMKI4=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1676413401.cds305.lo4.hn,1676413401.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
541 B 151ms
38ms Image
image/gif 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:21 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1676413401252072-392
Expires: Tue, 14 Feb 2023 22:23:21 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=701021404.03672861987877717.5171694
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=701021404.03672861987877717.5171694
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=fc5c437b-669f-4f9a-9917-8fb033ba92c7
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=fc5c437b-669f-4f9a-9917-8fb033ba92c7
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3b95e7c9-aed3-4b82-b2dd-75555c344be4&user_group=1&ssp=vidoomy&bsw_param=fc5c437b-669f-4f9a-9917-8fb033ba92c7
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fc5c437b-669f-4f9a-9917-8fb033ba92c7

43 B
467 B

206ms
7ms

Image
image/gif

52.29.63.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fc5c437b-669f-4f9a-9917-8fb033ba92c7
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Server: 52.29.63.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-63-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fc5c437b-669f-4f9a-9917-8fb033ba92c7
date: Tue, 14 Feb 2023 22:23:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 49ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 CESDCKJJ.json Show response
srv.buysellads.com/ads/ 638 B
586 B 83ms
13ms XHR
application/json 64.227.70.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CESDCKJJ.json?segment=placement:send-anywherecom
Requested by: Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.227.70.247 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-15.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 7439d3888e14cb3e3cc3d55eb23e69de9a22b649556962b42becdeb7ad0dc810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 473
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
632 B 215ms
147ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=0.6244660374720803
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
x-sp-metadata: HS256.COmvsJ8GEogBCiRkNTVkYjA2Ni1iMDk4LTRmOTMtYTRlYi05ZGRkYTAyOGY2NWMQoIDi4dnb/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjG2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRooEiQyMWI5ZDZlNS1iNzI5LTRjNmEtOWYwZC0yOTMxMGE5ODViNDcYKyIaCAISFGNkczIxOC5sbzQuaHdjZG4ubmV0GAk=.T6Jn8A8hDRF9wpTL/tarIQXIWmo9GaliJ/abLIAKtUE=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: EW2Z443AQ3Y18TMX
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1676413401.cds261.lo4.hn,1676413401.cds218.lo4.sc,1676413401.cds218.lo4.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: bpn9b65HDhSESVWm+jsIiVOX8wi7Vr5zqBnquKyF7dLaf/2x94mteugipCjWAfddvhECnTJ9k0s=

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
515 B 222ms
155ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=0.6244660374720803
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
x-sp-metadata: HS256.COmvsJ8GEogBCiRiNmUzZTQ2YS03ZmJmLTRkNTAtOWI2OS0wYzY3YzdhYzNiZDAQoIDi4dnb/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjG2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRooEiQ0ZjYxNmY0NC1jNDJjLTQ4MzEtOTRlZC00NzE1MmE1ODIwODcYKyIaCAISFGNkczA0MC5sbzQuaHdjZG4ubmV0GAk=.thiNvmgouSAD10WDdTaJpXhA9hgB7jIhSJacQbOMeIQ=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: EW2T7K9B7DB7HYE8
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1676413401.cds261.lo4.hn,1676413401.cds040.lo4.sc,1676413401.cds040.lo4.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: +vbdsU8l41SrymS3QDzmgQPjojjiQNwo0ubJv2NP4S5fDVhRdHvm01ClbYe1PR/aIcKkQ8SEg0U=

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1341760472609957&ev=PageView&dl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&rl=&if=false&ts=1676413401245&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676413401244.257894807&it=1676413400839&coo=false&rqm=GET

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 22:23:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame C05C 4 KB
2 KB 21ms
21ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 14 Feb 2023 22:23:21 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1676413401.cds305.lo4.hn,1676413401.cds074.lo4.c
x-sp-metadata: HS256.COmvsJ8GEogBCiRkZDg3MjAwNi1kYzA5LTQxNDItYWZlYS04ZDA4N2Y2YzZjNjMQ4LuY6t7p/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDcyZDg5YzA2LTFiNDItNGIyMi05NDYyLWQ0NGI1MDJlMmExYhjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.IbPtJMmFaO4iIsEbh6tdiEwOriqGJpV/BopIumvdT1Y=

GET
H2 200 ad Show response
v.lkqd.net/ Frame 2D70 180 B
356 B 298ms
93ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141156&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=58443441&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 27B2 4 KB
2 KB 25ms
24ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 14 Feb 2023 22:23:21 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1676413401.cds305.lo4.hn,1676413401.cds074.lo4.c
x-sp-metadata: HS256.COmvsJ8GEogBCiRjNDJlNjU1NC1iZjUxLTRhNGMtYjM3Ni01NDllYzFiODA1ZTEQ4LuY6t7p/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDg3OTlhYzk4LTg2YTQtNDU5ZS1hODZmLWI0ZDQyZGIyNDIzZRjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.YomY99MKITI46PUjTsa3NnSnive9OQi3tie9htJjWbs=

GET
H2 200 ad Show response
v.lkqd.net/ Frame 15A0 2 KB
2 KB 359ms
164ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=75656562&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d932fbcfbf764d7a76daa5240ee3653f6c93d79f938ec1b23615d054c3eddfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1389

GET
H2

200

cs
cs.lkqd.net/ Frame C05C
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c95a6b68-42a1-4643-abf4-fa86d19fa456

43 B
308 B

194ms
91ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c95a6b68-42a1-4643-abf4-fa86d19fa456
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=c95a6b68-42a1-4643-abf4-fa86d19fa456
date: Tue, 14 Feb 2023 22:23:21 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame C05C 43 B
309 B 288ms
90ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C05C 43 B
308 B 291ms
93ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame C05C
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7125261899886800520

43 B
308 B

91ms
91ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7125261899886800520
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7125261899886800520
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame C05C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw

43 B
308 B

91ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw
Date: Tue, 14 Feb 2023 22:23:21 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame 27B2
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b01b76e6-64be-45c6-a7c8-c9f6ca189072

43 B
308 B

194ms
92ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b01b76e6-64be-45c6-a7c8-c9f6ca189072
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b01b76e6-64be-45c6-a7c8-c9f6ca189072
date: Tue, 14 Feb 2023 22:23:21 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 27B2 43 B
308 B 277ms
92ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 27B2 43 B
308 B 278ms
93ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 27B2
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

43 B
308 B

92ms
92ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 27B2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw

43 B
308 B

91ms
91ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw
Date: Tue, 14 Feb 2023 22:23:21 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 298ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx

POST t
t.lkqd.net/ Frame B865 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 224ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame F3E5 0
166 B 293ms
96ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame D6EA 230 KB
61 KB 20ms
20ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
content-encoding: gzip
x-sp-metadata: HS256.COmvsJ8GEogBCiQ1ZWU0MjZkNC0xM2YxLTQxZWQtOGQyMS03MTVkMWI2ZTY5NTQQ4LuY6t7p/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDFiNzNlZThmLWE4MDMtNDU0OS1hZjJiLWM3ZWE4NDJhZDU3ZRjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.QDOT18bAjc2In+tqiZHDbdtdxzHPXwjNQ+i9lMbkb0o=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1676413401.cds305.lo4.hn,1676413401.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EC58 0
18 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://send-anywhere.com
Referer: https://send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://send-anywhere.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 22:23:21 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 63FC 4 KB
2 KB 21ms
20ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 14 Feb 2023 22:23:21 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1676413401.cds305.lo4.hn,1676413401.cds074.lo4.c
x-sp-metadata: HS256.COmvsJ8GEogBCiQ1N2RiZmZjNS01OTQyLTQyNjQtOGRjYS1mNDI3OGRjZTE1MTcQ4LuY6t7p/AIaBgjZk7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDE1OGVmYmEyLTM5YWMtNDFlZi1iNmFiLTQyYmQ4ZDExYTZmZBjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.BrFwE7InqPRtit4SNlbZex5azSCfk0GjDRK91oCP0Rw=

POST
H2 200 ad Show response
v.lkqd.net/ Frame D6EA 52 KB
4 KB 189ms
189ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=75656562&m=&rtv=1&thost=send-anywhere.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a8483ebd1ddeeb1c8f0be2e65c019eed4dec1dec6ee7d9058274f683dc64c13

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3930

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 273ms
92ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=75656562&m=&rtv=1&thost=send-anywhere.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 14 Feb 2023 22:23:22 GMT
server: nginx

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 web-widget-classic-da42c7a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame CE1D 13 KB
4 KB 17ms
16ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-da42c7a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8c45d598650b92391c71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6abd49b684ee5d044a7a0c17c9ecba4b43e293a560642eb4d681396f7b436fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
x-amz-version-id: Z1XmQQHhJBWNrxi.PlLZzHpW6uPu13GK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: E8J09D62WS34GENN
age: 68151
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 4iwUlLfLafEG8/uj+USPsXg4lR8lThqSm03DiSEBgvyRyxIBzdzVczvA52g/E1Eic4ZOWGQjjlY=
last-modified: Mon, 13 Feb 2023 22:38:20 GMT
server: cloudflare
etag: W/"f8d2a24801cf8962ff780ff5396464e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r35a45tTpaePDuovKKmYYHev5EgkGrF%2BXh4ysFV3SW5R0lPLSh0MOYD0RBw5Gx4XTWsq8UU9gPVBEMI1io9MomGOiGehQxUVNwJAzGjV23rxSEMGwPXNcHSuANdG0lie%2BDrBfVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 799935314efd35ee-FRA
expires: Tue, 13 Feb 2024 22:38:19 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 63FC
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=409f1302-c5e4-4648-a7e9-7d214d3e6097

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=409f1302-c5e4-4648-a7e9-7d214d3e6097
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=409f1302-c5e4-4648-a7e9-7d214d3e6097
date: Tue, 14 Feb 2023 22:23:21 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 63FC 43 B
308 B 92ms
91ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 63FC 43 B
308 B 93ms
92ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 63FC
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

43 B
308 B

91ms
91ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 63FC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jp-qhiejSwlzOYS6C078O9lAlxw
Date: Tue, 14 Feb 2023 22:23:21 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 200 web-widget-8165-da42c7a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame CE1D 663 KB
190 KB 34ms
34ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-da42c7a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-da42c7a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
x-amz-version-id: 08.gWom0IcArmYwsbA6ijMPI2eOCV5Te
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: E8J282PKDG92RQ0G
age: 68151
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: innT8N7Ea0eehVXrhV72Dc47CbBLa1pdIEpnzqQfEuIAxzLKUEwDT0cpnNTgdFhvxkD2xe+ojKY=
last-modified: Mon, 13 Feb 2023 22:38:20 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBDxpcAZv5Grgh8ESrbpjPu%2FoipsKNtapjySYl1UwJe0EvfPO%2Ffg015WscyosD9p%2BK%2BglayO30rZzZ34VTBIzmb3DCZ0WGm2lxJm6iogiGv5eMZXcmNuhEQqaD04dTwlZjxkk1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 799935316f2535ee-FRA
expires: Tue, 13 Feb 2024 22:38:19 GMT

GET
H2 200 web-widget-5324-da42c7a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame CE1D 493 KB
109 KB 27ms
26ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-da42c7a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-da42c7a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d0da75beab0ee354a4a763744a30e53cda7587cf89e9c5ed01312fe54843e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
x-amz-version-id: g7T4H1gqb8mYqqYHw8eWh.C9MlHFe5v_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: E8JAY6R0PPCZ4N4R
age: 68151
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: AGd/DCsBttvTK3G3LS76jz5rsyIQ2nHvrk3llEdrq0sj5AueIOuTSpjzf7ucg5aEcdohOwYE+GQ=
last-modified: Mon, 13 Feb 2023 22:38:20 GMT
server: cloudflare
etag: W/"c6cedf53efc6bb3c5080f623145ba1c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KjOiPn%2B%2BokxTM5uRhKpka1GqATevHScIAB%2BKbLpVzzLUDC%2BszwjbvE7Mn2Rv5uX4OPfHxsTyXbXXTCfOE0TMgzBVCwBYfcaQdqtZmDD%2FXJJkvJvlFI6QNYe48pbczf0ASQ6Etw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 799935316f2735ee-FRA
expires: Tue, 13 Feb 2024 22:38:19 GMT

GET
H2 200 embeddable_blip Show response
send-anywhere.zendesk.com/ Frame CE1D 0
279 B 740ms
740ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS45NiBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiMTM1MDU0N2U2OTgwNGU4MjkwODFlM2UwOGJhNTVkODgiLCJzdWlkIjoiZjkwZmE1NjA4OTM4NDY1OThjNzg5ZjJjNTVkNzc3MmUiLCJ2ZXJzaW9uIjoiZGE0MmM3YSIsInRpbWVzdGFtcCI6IjIwMjMtMDItMTRUMjI6MjM6MjEuOTYwWiIsInVybCI6Imh0dHBzOi8vc2VuZC1hbnl3aGVyZS5jb20vd2ViL2Rvd25sb2Fkcy9MWkVSVUFBNiJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8c45d598650b92391c71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 22:23:22 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAE5YuX3MlIagNn0tn4NXXy64XMalLHgRFodTuNOWwhHYNbkcKmwlNHAgz3Bp3POz1yjZJWYHcf8yI7LIkuYlnsgtnHrZnnUadNVcKDMEMUwZjgr117naImkrkQ%2FjebWVbPyuAVH%2Bp9otPo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 799935324f4f9b9b-FRA
content-length: 0
x-request-id: 799935324f4f9b9b-FRA

GET
H2 200 embeddable_blip Show response
send-anywhere.zendesk.com/ Frame CE1D 0
459 B 253ms
253ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsib2Zmc2V0Ijp7InZlcnRpY2FsIjoiMzVweCJ9LCJwb3NpdGlvbiI6eyJob3Jpem9udGFsIjoibGVmdCJ9fX0sImJ1aWQiOiIxMzUwNTQ3ZTY5ODA0ZTgyOTA4MWUzZTA4YmE1NWQ4OCIsInN1aWQiOiJmOTBmYTU2MDg5Mzg0NjU5OGM3ODlmMmM1NWQ3NzcyZSIsInZlcnNpb24iOiJkYTQyYzdhIiwidGltZXN0YW1wIjoiMjAyMy0wMi0xNFQyMjoyMzoyMS45NjlaIiwidXJsIjoiaHR0cHM6Ly9zZW5kLWFueXdoZXJlLmNvbS93ZWIvZG93bmxvYWRzL0xaRVJVQUE2In0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8c45d598650b92391c71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 22:23:22 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaB5tTJBlA%2FYN%2BuVi%2BvDPs3ZJArogs7qP%2BtBGEO32qhehiXAQqp8A7gTDFbEmFufBjUlZT7rpiSLCsFk%2FyNUZ25O6D8PtRvc3K9rMGkudn%2BWJwGJzdYg8nlr3i6bQgmopDUWt2nUML18WQY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 799935325f589b9b-FRA
content-length: 0
x-request-id: 799935325f589b9b-FRA

GET
H2 200 de-de-json-da42c7a.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame CE1D 27 KB
7 KB 20ms
19ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-da42c7a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-da42c7a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fef4c190d8296649859de74e1cc0c1f75d535f85fe2fc91c94d21991ae629c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:21 GMT
x-amz-version-id: eDVMMVGXKCSqllDSSGRITYbzYv_zB0X6
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: EJ88FPG3KJ8RE2XX
age: 68147
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ExzDx1anJCPiSTfKBOhpDaGcg6MwLacPL6u0rtFbOqJ3a/NsmaF4gN+euleTW0DX2wZl9cMAJsc=
last-modified: Mon, 13 Feb 2023 22:38:21 GMT
server: cloudflare
etag: W/"899ac1a429cb8c6ab010f1aad08f8b61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCg7keBV9RnxXLXIP3LYngEi6I6qXzXv0fCRpLi8pyiAOnGEjqoMxf9LHoMYLJEXjUJ1jyrhWvwAK4Txi9m3z0jmeqDSWlYy8UFdHLqB6RuoQGgP7xMb51pC0jDfpN7ORZvTuAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 79993532583935ee-FRA
expires: Tue, 13 Feb 2024 22:38:20 GMT

GET
H/1.1 200
OK LZERUAA6 Show response
file-18-138-227-164.send-anywhere.com/api/webfile/ 38 B
315 B 546ms
171ms XHR
application/json 18.138.227.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://file-18-138-227-164.send-anywhere.com/api/webfile/LZERUAA6?device_key=0a0a7586d91779a63d786724863e9454cd79c19897a6dcd08402efbcf05ea990&mode=keyinfo&_=1676413401988
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/static/js/vendor.22b62a39.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.138.227.164 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-227-164.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 4196239cf4cdf6d8aab98bf36a19c2fcb9c3e3550fb01b0a6b313ce6c24237e0

Request headers

Accept: application/json, text/plain, */*
Referer: https://send-anywhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: Apache
Access-Control-Allow-Methods: OPTIONS, GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 38

GET
H2 200 fullpage-ad-default.114855fe.png
send-anywhere.com/static/media/ 25 KB
25 KB 10ms
10ms Image
image/png 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://send-anywhere.com/static/media/fullpage-ad-default.114855fe.png
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 1a7b64e4f352350e6220d17ee15893c38da9d0ab4fb950bc22ac8a4897f90b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/web/downloads/LZERUAA6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 23:55:33 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 20:01:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA2-C2
age: 2586468
etag: "63617b14-6359"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25433
x-amz-cf-id: d0vLG-g_z4v8dLMEqViCO1qN7nhHKUTatW2c7XxRviHJZ0NLxhwvYA==
expires: Tue, 14 Feb 2023 23:55:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 106ms
41ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=send-anywhere.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 107ms
42ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=send-anywhere.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
12 KB 85ms
84ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4207827967016879&correlator=1493640194771543&eid=31072039&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fifs&iu_parts=21678581572%2CWeb%2CUNIT1&enc_prev_ius=0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=1&adks=634674069&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1676413402011&lmt=1676413402&dlt=1676413400445&idt=570&adxs=0&adys=64&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1307713303.1676413401&ga_sid=1676413402&ga_hid=1141217157&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18b67a24ca79c181d718ebf526f5547858b753012bc7c9d38d950df4d9d11a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12573
x-xss-protection: 0
google-lineitem-id: 6203702537
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138420547588
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://send-anywhere.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 77ms
77ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4207827967016879&correlator=1493640194771543&eid=31072039&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fifs&iu_parts=21678581572%2CWeb%2CDownload_Landing&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=872967977&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1676413402018&lmt=1676413402&dlt=1676413400445&idt=570&adxs=80&adys=273&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=1307713303.1676413401&ga_sid=1676413402&ga_hid=1141217157&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626d691fecf868ad2aff6fb3f15b67d197fc9508fa4185e57358288bd44b02b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17374
x-xss-protection: 0
google-lineitem-id: 6203010667
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138420549982
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://send-anywhere.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3305 6 KB
3 KB 112ms
41ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 22:23:22 GMT
expires: Wed, 14 Feb 2024 22:23:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame F26C 0
165 B 126ms
97ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:22 GMT
server: nginx

GET
H2 200 embeddable_blip
send-anywhere.zendesk.com/ Frame CE1D 0
0 740ms
739ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://send-anywhere.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjE1MjUsImNvbmZpZ0xvYWRUaW1lIjo4MTd9LCJidWlkIjoiMTM1MDU0N2U2OTgwNGU4MjkwODFlM2UwOGJhNTVkODgiLCJzdWlkIjoiZjkwZmE1NjA4OTM4NDY1OThjNzg5ZjJjNTVkNzc3MmUiLCJ2ZXJzaW9uIjoiZGE0MmM3YSIsInRpbWVzdGFtcCI6IjIwMjMtMDItMTRUMjI6MjM6MjIuMDU3WiIsInVybCI6Imh0dHBzOi8vc2VuZC1hbnl3aGVyZS5jb20vd2ViL2Rvd25sb2Fkcy9MWkVSVUFBNiJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8c45d598650b92391c71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 22:23:22 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djw%2FAMshxxLN%2BEob15IRXFPVsZROUTb0nlew33g2gwev1HhaYZBZ0sjg6vFb87ppbzrb74PutBH4U%2BudFoaH1s1e%2BYzDyQ9PsEdzjTQUpx4muvhZr1aO86D5UG0Q7bfhqHUhQfgOjk4%2Fj8c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 79993532eff29b9b-FRA
content-length: 0
x-request-id: 79993532eff29b9b-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D8AB 0
0 55ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1oq_9-X6weQjuLJlO1ut7bkZfpBvZMeMAdfxS1BEOLUnic_wR22Yy_ucie-U-irKICKEfZilQh480q48vs49TZF6wloqP2KiAZUfn3XOx57FVP9sTZCR4TNDpnrkTp3e2ZwCA1i5vi97IfWFCTf5h323DCdYiyDDncg8fJo-vVsBkjhwA_mbKRTdGRCIY7eFdv8SFz5X2fBnmD8htkC37lzBXGeXSjPyjDVx5i8v-H32nC5rXFF1t9lEcIQ_jj_0HNVMzd6n7zvZSyiK5RUKg71JJN1O6CuZpeG2SEbXU7KaUWWkWnyQJoszjlisVDzk-czh1xCU7Cls8zEgVKQ&sai=AMfl-YTrbKQ3J52PcPPi7y2ziMgSEe6CCPbz89Hoid46BPrRXXv3hipEzDTw2EDUmepDm6bKjKV7BmsfuaMeomp5Sar5F_87RXKLWUpzfgJlXMTSKJQhRGd4CZ1Yth7evq-_U6L8h0VrOaxttJ16CuE&sig=Cg0ArKJSzF8TvJJXOyNtEAE&uach_m=[UACH]&adurl=

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/ Frame D8AB 22 KB
9 KB 97ms
23ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:21:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9046
x-xss-protection: 0
server: cafe
etag: 3345793926543552485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:21:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/ Frame D8AB 3 KB
1 KB 96ms
22ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230209/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:24:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8AB 156 KB
48 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H2 200 4342249294384569648
tpc.googlesyndication.com/simgad/ Frame D8AB 27 KB
28 KB 100ms
26ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4342249294384569648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1767fb0be5d1b0cee1088827d7fd4470574e9f9b9f7c69145c973e77bf70b94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 12:54:28 GMT
x-content-type-options: nosniff
age: 552534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27933
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 06:35:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Feb 2024 12:54:28 GMT

GET
H2 200 container.html Show response
8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CECC 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 22:23:22 GMT
expires: Wed, 14 Feb 2024 22:23:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CECC 24 KB
7 KB 58ms
21ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com
URL: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Feb 2024 13:24:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CECC 156 KB
48 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com
URL: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48832
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676324880006035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CECC 0
0 59ms
59ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFEGPt-kucixqUr_wzQgywXva1JQOAkRx0jtKPEIlHMzfhYj6vigq0Oa-QkQhTxNfNfi3A7CSW_MrhSBzuXgwdCNK_pRE0ODIjmm2Q2t-lhJWmMHs75OuXJpWANWn_5ME42oPlGPs-fK3ME2o8F9jCp5xGLun7FXqIwCW0bbe_UTP6I3KSfg_fVFnjOWJXniEi6pgcyrf_J2GtOXqJ_FRYkATXvDiV8oZ8s66fznhg3D5y2xKsNcHh06_DdRUqwsnGiWTmdHmyR7cf8e6MAxOPQs3Sm4SaSw7tnIpwHu8G1YS-MaujRlM8FVV9kDeO6mtlLvA&sai=AMfl-YRW0QgeovMQh_UvPBgNsG347mWTDBf5g_4Jp2rSVpPzLlzIoR3QL7aYm8_mABlARI0G_iOHICt0iQsIhPj1gBEFvtj_oi_w6BApMqDAzWSJvdLyn0xQ8HYTAME_fwaoH79eX8kM0QwNFEifF7zZ&sig=Cg0ArKJSzB4os5Q6gubjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com
URL: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D8AB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0843a8b1ed6c8186089dfddcd0a78101eb7326511fdbd35e6fc9232788cd2770

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CECC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45c978fdeff4d572910ce4c58a1e63b813ca11e6f600feb29a61204579c6c95e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1118794685782798707
tpc.googlesyndication.com/simgad/ Frame CECC 83 KB
83 KB 21ms
20ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1118794685782798707?

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

971f0e97345886c34928338b62f893d6fd0dcb72d9b24356dfa8e0d803220097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 08:53:57 GMT
x-content-type-options: nosniff
age: 394165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85041
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 05:38:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 08:53:57 GMT

GET
H2 200 WEB_BG_2560%E2%80%8A%C3%97%E2%80%8A1666_KR.png
d4a553n24khrv.cloudfront.net/wp-content/uploads/2023/01/ Frame CECC 472 KB
473 KB 172ms
7ms Image
image/png 2600:9000:223c:dc00:13:8224:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d4a553n24khrv.cloudfront.net/wp-content/uploads/2023/01/WEB_BG_2560%E2%80%8A%C3%97%E2%80%8A1666_KR.png
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:dc00:13:8224:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: dff3d80d85e9ee2f9ca4ecc4c68b8d1da680a754ba1d998e438de8a9b805fe24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 04:48:39 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jan 2023 05:12:45 GMT
server: Apache
x-amz-cf-pop: FRA56-P2
age: 63282
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 483400
x-amz-cf-id: Wp9OZRwNxwXE3RMWDgTJYYnqKzAscVVi5Bctv2959UzmszwfF4AqnA==

GET
H3 200 container.html
8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CECC 6 KB
6 KB 7ms
6ms Image
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2653
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Feb 2024 22:23:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CECC 0
0 56ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0oYPaSJLJFQMJy7lSWwR_C198fTmUpPJ_cVFTzW4di-3U7dUVJ_nGQ6Amuh64veURAc-qKiZoINOjKnPkIDfTDTEtwgGoD7jwfB6AszPTFI5cvPeWVJywDm5LtRHqxnCT3-WVOk2yOja49zaKpDGBwjc4vt2-n6MqQteEkhdqtzdq_OCjlyCHoQRfinqzBisjkGSJmKioi99YyT49WVAqD5p5AmQuf42v0S1AfCqNhlK2Fcs4oHY7C-6d2_1SHvpwAWsD8SAZU9IuIZ7hj-3PmJr3i6giOCQPQox2JLVsM1JbOAAaY4w2EnDCONBPkJvyGTdzBQ&sai=AMfl-YSRmpSutKwOHdPoatk2WxJSWhC8Vq76OpkaH8FMWbSK16s_N-99MvK1a4Kl1SsNSdcjtYSDouc3AwQSMVSzJsYPNSjxc9-X3gboBjbJPVCIJtQeg1187ft5voIGt-jvpHM0u6HikVrFHVFXMP0J&sig=Cg0ArKJSzPfs2yLnKwdfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D8AB 0
0 55ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEq8zQUTcWn0Dx2ejQvA5Nm_0o5WA8030lUJ4IAnMkbbmRwBCYt-zvSvAzUvDqmim9-xZe7enfjRGHEGgthCe6qZ24qg8x2S8g5K-2vUHZjDpAcwCD4fFotOkVNzhMCmTG2Ne2EzfFpwQOWZnSgrM6n8_QCMI69e5Hz9OSN3NqNDIQRZEJwVF9ipV3VlMdRnfH5eJdfZjyL4PDLkK8knyLQxsYcV1jU8SZ_rnmnHmBEr-MkscUV_ADDu0J04YLh-f1UxRXtXJvUj0kX6qb85hJ83EUAgbjqBLfyw4_KhK-gFUgtuD0rFaP6w5Z2eXkL4BOZ3J7JUNIkqNFYxeophYh&sai=AMfl-YStHAHzBX8xbY8brl_6Xgv4OTjXcOdgkOhnViifX_207IQPSK15fxUf7QY-lCPPoWD-Mnc_sU9aq2Dlhp9tuzQrI7E1qlMFnNX6_6ZXzNEKFCe_MY5d2kJzFuXNuncCg2lX66jZv4N1x0aXO0o&sig=Cg0ArKJSzI9gAoHq3kzlEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 06AC 200 B
1 KB 9ms
8ms Document
text/html 13.225.78.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-123.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 708
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 22:11:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 03 Feb 2023 21:30:00 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-id: vjtfMpwuSwsdyynNUKpsYsAqmpdUdIdvkuPaQEE0dwGBzG3shWmfbg==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 36ms
21ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae41451259aec0453920172b9097440ad46c9187b2c5b1f536cea107537b1c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11240
x-xss-protection: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
530 B 153ms
77ms XHR
text/xml 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://send-anywhere.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 816 B
1 KB 26ms
26ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C11439871298411913844691421462,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f4f824f1bffdb6e9cddff4496c04e968b9b59eafaa561025abc79343d22dcdef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 816
x-sticky-vk: 1676413402299028-428
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
529 B 159ms
84ms XHR
text/xml 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://send-anywhere.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
691 B 111ms
84ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C13844720258411913844691421462%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413402286075-379
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 61ms
35ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C8411913844691421462442321992%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 509279aeefd010f7339eb30d286df9eff75ac4e46ea353d9e927d36e09bd4b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1676413402254096-380
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 832 B
1 KB 51ms
24ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C84119138446914214621107389355%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2811b85d977be142abdd18dafaf7bd22b1cf7e6766486530daf97c48b2481451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 832
x-sticky-vk: 1676413402341016-399
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
890 B 157ms
41ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C84119138446914214621625386796%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 953a35ff5b5d5d1a13fcec06d8fe86f552d115b14a6d0116b5db3336f820c9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 644
expires: Tue, 14 Feb 2023 22:23:22 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 06AC 0
600 B 517ms
169ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 06AC 0
600 B 517ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 06AC 631 B
1 KB 9ms
9ms Script
text/javascript 13.225.78.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-123.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 14 Feb 2023 22:11:40 GMT
x-content-type-options: nosniff
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 707
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 03 Feb 2023 21:30:00 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zpyMk5xRhOKLcPVyeGcL119lGQbiWbVNKQlSBkgmikTnC6ALreq-Cw==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0182 930 B
2 KB 76ms
8ms Document
text/html 2600:9000:20eb:5600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 22:23:13 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-id: eg93VnEv8VtcJxoIpaGYEr_Hw-DsAW7ZHHU7SYTTEOCjVWwoJAaZLA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 77ms
77ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 22:23:22 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 0182 0
375 B 413ms
169ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: send-anywhere.com
URL: https://send-anywhere.com/web/downloads/LZERUAA6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0182 86 KB
14 KB 9ms
8ms Script
text/javascript 2600:9000:20eb:5600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 22:22:27 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 61
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: BF5Dj7_cOTduLuI3s3UCbvvDGW-4u-oLY92Kt02ni7wImPqHE5afNA==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD15 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 20:33:51 GMT
expires: Wed, 14 Feb 2024 20:33:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6CF7 783 B
970 B 44ms
43ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb19f07caa6669de583e56432f8b0df10c22d4cea1362dd4badb2985a5b67fa4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D8zyZCe67av0j59-Mmf8iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-D8zyZCe67av0j59-Mmf8iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 22:23:22 GMT
expires: Tue, 14 Feb 2023 22:23:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:22 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame F26C 0
165 B 101ms
100ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 8973 342 KB
116 KB 155ms
10ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop055.fr8.t,1676413402.cds004.fr8.shn,1676413402.dop055.fr8.t,1676413402.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 6 Show response
m.stripe.com/ Frame 0182 156 B
552 B 525ms
172ms XHR
application/json 44.233.72.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.72.180 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-72-180.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a87c3776603e3f167b7c79e81aa8cd52c447d93fb20274e459ab1c4df9508b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 14 Feb 2023 22:23:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H/1.1 200
OK LZERUAA6 Show response
file-18-138-227-164.send-anywhere.com/api/webfile/ 125 B
402 B 172ms
171ms XHR
application/json 18.138.227.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://file-18-138-227-164.send-anywhere.com/api/webfile/LZERUAA6?device_key=0a0a7586d91779a63d786724863e9454cd79c19897a6dcd08402efbcf05ea990&mode=list&start_pos=0&end_pos=30&_=1676413402552
Requested by: Host: send-anywhere.com
URL: https://send-anywhere.com/static/js/vendor.22b62a39.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.138.227.164 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-227-164.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 76292a41e0ceb617c0ebb8d07f51e2c1d1d650265865888de72af9ed461227a4

Request headers

Accept: application/json, text/plain, */*
Referer: https://send-anywhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: Apache
Access-Control-Allow-Methods: OPTIONS, GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 125

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6CF7 0
0 41ms
40ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020901&jk=4207827967016879&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

GET
H2 200 Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame AD15 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Pa3FQa1Op-rzsgWzdRk_U6cBB6Aivrii6CE4opXgiG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 07:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14329
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 07:52:55 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame F26C 0
165 B 115ms
115ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:22 GMT
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AD15 0
10 B 20ms
19ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bivAbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 8973 25 KB
25 KB 31ms
8ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1676413402708
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:22 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop211.fr8.t,1676413402.cds001.fr8.shn,1676413402.cds001.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f21ebabd0c87d5fb691de87209b1951&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1073_7200140736166978176&gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMEGEK1EaQ0DclaLaQP_Dvc&google_cver=1&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

32ms
31ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413402918075-415
Expires: Tue, 14 Feb 2023 22:23:23 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 8973 301 B
799 B 26ms
26ms XHR
text/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1676413402672071-404
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 8973 67 B
691 B 86ms
86ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C60832%2C1%2C11439871298411913844691421462%2C%2C&_fw_gdpr_consent=&vav=5f34d146858c583e82ec4f42b2c9f360&vaviv=64bb19f72a25091a15db4fbb39c7653b&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413402651096-408
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
409 B

118ms
43ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413402714069-358
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

427ms
103ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N96J2AKCA4HDFWVS9PPV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413402714052-407
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
DATA 200
OK truncated
/ Frame D6EA 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame F742 342 KB
116 KB 8ms
8ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop055.fr8.t,1676413402.cds004.fr8.shn,1676413402.dop055.fr8.t,1676413402.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame F742 25 KB
25 KB 7ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1676413402869
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:22 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop211.fr8.t,1676413402.cds001.fr8.shn,1676413402.cds001.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame F742 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f21ebabd0c87d5fb691de87209b1951&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1073_7200140736166978176&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
265 B

102ms
34ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413402877045-419
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame F742 301 B
799 B 38ms
37ms XHR
text/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1676413402830064-341
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame F742 67 B
691 B 89ms
89ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C60832%2C1%2C8411913844691421462442321992%2C%2C&_fw_gdpr_consent=&vav=be3c1308c313afba7331fefc4a4bcc71&vaviv=33519047c4ce63915d48ac82998ad922&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413402879025-406
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET user-matching
ads.stickyadstv.com/ Frame F742 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
232 B

45ms
43ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413402872063-368
Expires: Tue, 14 Feb 2023 22:23:22 GMT

GET user-matching
ads.stickyadstv.com/ Frame F742 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

352ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9PH98V85T5MHH18JEB97
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:22 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413402938014-337
Expires: Tue, 14 Feb 2023 22:23:22 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame F26C 0
165 B 97ms
96ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:23 GMT
server: nginx

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame B6B4 342 KB
116 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop055.fr8.t,1676413402.cds004.fr8.shn,1676413402.dop055.fr8.t,1676413403.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame B6B4 25 KB
25 KB 7ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1676413403017
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:23 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop211.fr8.t,1676413403.cds001.fr8.shn,1676413403.cds001.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame B6B4 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMEGEK1EaQ0DclaLaQP_Dvc&google_cver=1&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

31ms
30ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413403019069-399
Expires: Tue, 14 Feb 2023 22:23:23 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame B6B4 301 B
799 B 27ms
27ms XHR
text/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Server: nginx
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1676413402995056-351
Expires: Tue, 14 Feb 2023 22:23:23 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame B6B4 67 B
691 B 119ms
119ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C60832%2C1%2C84119138446914214621107389355%2C%2C&_fw_gdpr_consent=&vav=d721a5313e0ab3f1a0a6bf6db3a814d6&vaviv=8060585021db703ea214c4c1ae91502a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413402962089-372
Expires: Tue, 14 Feb 2023 22:23:23 GMT

GET user-matching
ads.stickyadstv.com/ Frame B6B4 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

44ms
44ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413403020062-392
Expires: Tue, 14 Feb 2023 22:23:23 GMT

GET user-matching
ads.stickyadstv.com/ Frame B6B4 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

279ms
101ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YDEHEQXKTZKTFJQX6VPC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413403042045-414
Expires: Tue, 14 Feb 2023 22:23:23 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:23 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame F26C 0
165 B 97ms
96ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020901&jk=4207827967016879&bg=!hYalhtLNAAYuhb89DoU7ADkAdvg8Wi5DHwMXsS8zmF0-293joUb1jk_HC5poAheP7K4TQGoVcs-RwlvYnvHPIOYgJL0kePCOTOgCAAAAUlIAAAACaAEHmQLiC6AT299HSX7a-CfA2WKqzfKfRTuQ09h6hoEKCZV1-rsl0nyl9TLXdXGcEwCFc9L6S-dH5dd6v6EEQo32oCaQeZg0zvTKVFSTT2lJjD3Z_p1WRtEbMkvy3HPIja3KdWqamy-iuGi9TqksWwsC-XrHdTdpqitldFnyrujWV0UIAtwENINYKZy2tQMOL5aSKw-90Nqu77mwpo7DcuSMaSp4v9LWD8oAK_zBVTkfTUdahhy2d0H3cQTCRxElXRH_Ww3TyrTsiyasWkoKj4R3Wf_qmV5c4mqzDXM0pU9A0KN_zrI8nxR5eCZRytFIVo0FDxHsDWpXjJ1GmToDwQRh34qXga4EcCU2uRzW9H1DWZ9iklUdED9VFrgddoFMHYClp5NKm-8axOvF4mrrq3ZqQd4qh0xm-LP1Lvmy5Em7BbgMTnQGuktgxxmMq2my3NyZv-Ebs9FN7tq_GWrwGDZm-WA617FFnozQ91ta_WLFD6WzfWquwRQiMBb73wAR5uVi0xbW9L0Vifw-oLevpEU1K70v2ouymAYWSR9SCdxh0AskkXNs8MXowSh04-0eBwvwU5xyQxQVuWywe2VIOIi3Z9mn6dxcHRtT2iEk7OVRN52c-HOx9KDL0iLcbOGJtSWqt1So4P9g3_X9DXrwiwDY5TLwkynGguezAzcTXtL0DRcOgUcDQNjEs3MmofJn7Zm2vYYvxcLBm58M-9_MGVUXZ9DhywHjOCIcrqWpuCs3ykJL0D6WxkprhmiqGNsT8ifvJWZEbkMwNfR5gyDbtQatX19mesiVAvQ6cTD3z3PbYzNWz8-nw7ZuWdfuiXwvrV9WP_RBlVN3zUV8divl2olYT2-iZunJQHFo_IK9F_jiyRvvxnt-ZtkTXC1e39QNNkU2nw5-5yWyBywahfFhL5QO5k_O3o351g4L2TEvf8LAQe2xV_6Ys2HhIvHRXGQJxFk7rjGqNVYVacK0Gu-swven_lDQIFr_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CECC 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMui9FQcihP-SbREJuIoCEFGoDV_hXwBh_qhctpdLkXISX292WSAClEIuzwx-MIEqt1quNZaI1IWKEmlUQYU6q-5StMKgi3XeQkTLrIbad7s049udm&sig=Cg0ArKJSzC0CG4B4k_yKEAE&id=lidar2&mcvt=1000&p=64,0,1200,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=634674069&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676413402157&rpt=145&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D8AB 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHi9Xl-bXIAp7_XNVlXipGcUL97KnL3oaneOXsuAV9RTxNgIVMhyhv3ugn-nwJC-qQ7KeqnVgTfTYJhjQ6e4AJL2sUrm5YGQqO1Q3EGhAEx81NfsPo&sig=Cg0ArKJSzOyEbsGd0rtyEAE&id=lidar2&mcvt=1000&p=273,80,523,380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=872967977&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676413402132&rpt=178&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
v.lkqd.net/ Frame 15A0 2 KB
2 KB 389ms
389ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=6332241&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e5b1cd79bb4d502e5b937f49227435b6e2bc4d80a267e0800a61dbc411ce203

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1389

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 8EFB 230 KB
61 KB 22ms
21ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
x-sp-metadata: HS256.COyvsJ8GEogBCiQxNzIzM2E4ZC0xZTNhLTQxNGMtODJmOS0zYzM2ZTRjZGRlOWIQ4LuY6t7p/AIaBgjck7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGJiMjQ4MjZkLTdhNmQtNDRkOS1iNDFlLWZkMjI3NTBlNGEzOBjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.yPZBZ227bQO69ng/oP4oC5Yvg9lkq6kNWDTvJZEa+OQ=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1676413404.cds305.lo4.hn,1676413404.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 7E0F 4 KB
2 KB 23ms
22ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 14 Feb 2023 22:23:24 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1676413404.cds305.lo4.hn,1676413404.cds074.lo4.c
x-sp-metadata: HS256.COyvsJ8GEogBCiRkZmI3NWRjYS1kNjk1LTRjYTItOTg2ZC01MDY4MDJmMGZhYmIQ4LuY6t7p/AIaBgjck7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDVhMzA0ZTkyLWNlMDUtNDJjYy1iMGVmLTk3NTBlNjUwYjg0YhjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0./XbgiWIC/zLI/oWyYyTRc2uNGBfBEVTyC0urDXMh4HA=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 8EFB 59 KB
4 KB 187ms
187ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=6332241&m=&rtv=1&thost=send-anywhere.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ce17f5d2a157faabccbd5f58b194f18c8ffab94cc03bfb0701a2812db66075da

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4294

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 98ms
98ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=6332241&m=&rtv=1&thost=send-anywhere.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx

GET
H2

200

cs
cs.lkqd.net/ Frame 7E0F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw
Date: Tue, 14 Feb 2023 22:23:24 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame 7E0F
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=39ed9947-8fa4-43de-a41f-1de53541b097

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=39ed9947-8fa4-43de-a41f-1de53541b097
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=39ed9947-8fa4-43de-a41f-1de53541b097
date: Tue, 14 Feb 2023 22:23:24 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 7E0F 43 B
308 B 92ms
91ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7E0F 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 7E0F
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame 2649 0
165 B 98ms
96ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
529 B 76ms
76ms XHR
text/xml 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://send-anywhere.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
888 B 41ms
39ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12911713394159280238381015698%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: de11ab1e8e650b5fe51bf2b956108f08fb2612f60ba730633640a3ec4770eed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 642
expires: Tue, 14 Feb 2023 22:23:24 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 830 B
1 KB 26ms
24ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C415928023838101569842951173%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 65c6f5e7ba65b5155117a3e091ba1c82d4022ee2e169664efd4de8d59f6ad4a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:24 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 830
x-sticky-vk: 1676413404404017-403
Expires: Tue, 14 Feb 2023 22:23:24 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
691 B 119ms
117ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C3153316084159280238381015698%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:24 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413404404017-390
Expires: Tue, 14 Feb 2023 22:23:24 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
529 B 91ms
89ms XHR
text/xml 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://send-anywhere.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 832 B
1 KB 27ms
25ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C41592802383810156981108402922%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c3bb6da0075edfb0ca14eddec1e96238e8e899a64c8e84cc7437cff84581d29e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:24 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 832
x-sticky-vk: 1676413404403024-359
Expires: Tue, 14 Feb 2023 22:23:24 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 816 B
1 KB 26ms
25ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12846518084159280238381015698,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 78760d53e7f8cb315ea0ca1ca2893a64a7373d89086f51da9fd343f027c2f326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:24 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 816
x-sticky-vk: 1676413404396013-339
Expires: Tue, 14 Feb 2023 22:23:24 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
889 B 40ms
39ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C41592802383810156981275835249%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 628ea950fe26e339e96f08a99e89e833a82c90e1af5cbff881238fa0bbb20390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 643
expires: Tue, 14 Feb 2023 22:23:24 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
92ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 2649 0
165 B 104ms
103ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8EFB 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 80E6 158 KB
38 KB 38ms
37ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12911713394159280238381015698%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 05:38:16 GMT
server: Apache
etag: "27981-5f1e24a67517b-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38153

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 078B 38 KB
14 KB 37ms
36ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12911713394159280238381015698%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=86599
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Tue, 14 Feb 2023 22:23:24 GMT
expires: Wed, 15 Feb 2023 22:26:43 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 80E6 38 KB
14 KB 44ms
40ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12911713394159280238381015698%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=86599
accept-ranges: bytes
content-length: 13968
expires: Wed, 15 Feb 2023 22:26:43 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 078B 2 KB
3 KB 112ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91770491&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: dabd3c5bede77600acfa17dd39e93305af80476b04d0aaec4c116d560d2d1d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 t Show response
t.lkqd.net/ Frame 2649 0
165 B 100ms
97ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:24 GMT
server: nginx

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 7C64
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=

35 B
476 B

26ms
24ms

Document
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 14 Feb 2023 22:23:24 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 14 Feb 2023 22:23:24 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 59C4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&gdpr=0&gdpr_consent=

42 B
323 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 14 Feb 2023 22:23:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 14 Feb 2023 22:23:24 GMT
Expires: Tue, 14 Feb 2023 22:23:23 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 457 2362390 master cdg-pixel-x31 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=78574922712422947

42 B
193 B

14ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=78574922712422947
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 14 Feb 2023 22:23:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=78574922712422947
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8E09 43 B
363 B 327ms
16ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 22:23:24 GMT
expires: Tue, 14 Feb 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 392582
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DEBD
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK

42 B
568 B

75ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 14 Feb 2023 22:23:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 14 Feb 2023 22:23:24 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 8588
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

193ms
193ms

Document
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 14 Feb 2023 22:23:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FAR3Z073FS9TA9NK7Z5M

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Feb 2023 22:23:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 9QST5WDM797MR6AZ8X90

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 078B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wUPGfliXTDe2-AXPc14a2Q%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

38ms
37ms

Image
text/html

2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=53582
accept-ranges: bytes
content-length: 5554
expires: Wed, 15 Feb 2023 13:16:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e8e3a59b09d0621b/gdpr=0/ Frame 078B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e8e3a59b09d0621b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
266 B

110ms
30ms

Image
image/gif

108.128.57.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e8e3a59b09d0621b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 108.128.57.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-57-95.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.215
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e8e3a59b09d0621b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 078B
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&addseg=19,36,42

0
0

106ms
15ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Redirect headers

date: Tue, 14 Feb 2023 22:23:24 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 078B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE0M0M2N0UtNTg5Ny00QzM3LUI2RjgtMDVDRjczNUUxQUQ5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

60ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 14 Feb 2023 22:23:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 078B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcj-ooHLjW3Mn4cMEco__U&google_cver=1

42 B
375 B

58ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcj-ooHLjW3Mn4cMEco__U&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 14 Feb 2023 22:23:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEcj-ooHLjW3Mn4cMEco__U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 078B 43 B
613 B 68ms
15ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 13 Feb 2023 22:23:24 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 078B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5300975818534935871

42 B
219 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5300975818534935871
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 14 Feb 2023 22:23:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5300975818534935871
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 078B 70 B
264 B 31ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 80E6 27 B
552 B 205ms
80ms XHR
application/xml 185.64.189.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12911713394159280238381015698%2C%2C&us_privacy=&cb=1676413404660&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fsend-anywhere.com%252Fweb%252Fdownloads%252FLZERUAA6&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fsend-anywhere.com%252Fweb%252Fdownloads%252FLZERUAA6&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-2-14%2022:23:25&ranreq=0.7542609209688897&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C12911713394159280238381015698%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:25 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://send-anywhere.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 80E6 0
91 B 99ms
20ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1676413405&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame DDD9 342 KB
116 KB 7ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop055.fr8.t,1676413402.cds004.fr8.shn,1676413402.dop055.fr8.t,1676413405.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

POST
H2 200 t Show response
t.lkqd.net/ Frame 2649 0
165 B 97ms
97ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:25 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:25 GMT
server: nginx

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame DDD9 25 KB
25 KB 8ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1676413405525
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:25 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop211.fr8.t,1676413405.cds001.fr8.shn,1676413405.cds001.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame DDD9 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

31ms
31ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405456076-408
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame DDD9 301 B
799 B 37ms
37ms XHR
text/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1676413405536029-405
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame DDD9 67 B
691 B 128ms
128ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C60832%2C1%2C415928023838101569842951173%2C%2C&_fw_gdpr_consent=&vav=1f9f07dc24d09b968b51d95ba8e3b2b9&vaviv=25620238bfc392b788348e3f5f5ae49d&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413405514044-389
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET user-matching
ads.stickyadstv.com/ Frame DDD9 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

43ms
43ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405553048-381
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET user-matching
ads.stickyadstv.com/ Frame DDD9 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

104ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4F30NHMM2YXYKPXZE1ER
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405567026-391
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 20CD 342 KB
116 KB 7ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop055.fr8.t,1676413402.cds004.fr8.shn,1676413402.dop055.fr8.t,1676413405.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 20CD 25 KB
25 KB 9ms
8ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1676413405708
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:25 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop211.fr8.t,1676413405.cds001.fr8.shn,1676413405.cds001.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 20CD 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

30ms
30ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405601095-377
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 20CD 301 B
799 B 36ms
35ms XHR
text/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1676413405673048-424
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 20CD 67 B
691 B 71ms
70ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C60832%2C1%2C41592802383810156981108402922%2C%2C&_fw_gdpr_consent=&vav=37148a10f25781be2c36e16990446480&vaviv=a5461891459808d44084844de1850ab0&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413405638085-340
Expires: Tue, 14 Feb 2023 22:23:25 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 2649 0
165 B 96ms
96ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:25 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:25 GMT
server: nginx

GET user-matching
ads.stickyadstv.com/ Frame 20CD 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

43ms
43ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405746029-358
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET user-matching
ads.stickyadstv.com/ Frame 20CD 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

109ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DBVBQARE4GCG9V2GABHK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405740017-398
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame D903 342 KB
116 KB 7ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop055.fr8.t,1676413402.cds004.fr8.shn,1676413402.dop055.fr8.t,1676413405.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 117960

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame D903 25 KB
25 KB 7ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1676413405831
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 22:23:25 GMT
Last-Modified: Thu, 26 May 2022 08:10:46 GMT
ETag: "1653552646"
X-HW: 1676413402.dop211.fr8.t,1676413405.cds001.fr8.shn,1676413405.cds001.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame D903 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null

70 B
264 B

30ms
30ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405821018-386
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame D903 301 B
799 B 34ms
34ms XHR
text/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1676413405841021-375
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame D903 67 B
691 B 126ms
125ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C60832%2C1%2C12846518084159280238381015698%2C%2C&_fw_gdpr_consent=&vav=315196bd67f937fa680d82ac7d6a78da&vaviv=fd032f990608b882b61ead42cff027a9&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413405761082-362
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET user-matching
ads.stickyadstv.com/ Frame D903 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

44ms
44ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZjIxZWJhYmQwYzg3ZDVmYjY5MWRlODcyMDliMTk1MQ==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405898008-382
Expires: Tue, 14 Feb 2023 22:23:25 GMT

GET user-matching
ads.stickyadstv.com/ Frame D903 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

106ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HA8YA1EWVX96WPE1QMS0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f21ebabd0c87d5fb691de87209b1951&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676413405817074-338
Expires: Tue, 14 Feb 2023 22:23:25 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 2649 0
165 B 97ms
97ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:26 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:25 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 2649 0
165 B 99ms
98ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:26 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx

GET
H2 200 ad Show response
v.lkqd.net/ Frame 15A0 2 KB
2 KB 96ms
94ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=90397201&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 28ad17ca9b414d74104055f240348c8efbdd3820e36942d610aa715f81b0aae3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1387

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 68D9 230 KB
61 KB 23ms
22ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
content-encoding: gzip
x-sp-metadata: HS256.CO6vsJ8GEogBCiRjMDVmOWM5OS1jMTlhLTQyMmQtOGE3MC0zNjgzYzZjNmE1OWUQ4LuY6t7p/AIaBgjek7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGNiNTY4OTM3LWJjMmMtNDk0NS05OTcwLWRmNmIyZTY5MTIwORjF5AMiGAgCEhRjZHMzMjIubG80Lmh3Y2RuLm5ldA==.+CDZe4xBdReVWlISuTTLWLz0dkxHRntSabb6h4KGvvU=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1676413406.cds305.lo4.hn,1676413406.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 17BD 4 KB
2 KB 21ms
21ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 14 Feb 2023 22:23:26 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1676413406.cds305.lo4.hn,1676413406.cds074.lo4.c
x-sp-metadata: HS256.CO6vsJ8GEogBCiRkMmVlMjlhOS0zOGY5LTQ1ODMtOWFhMi1kMTM0MjE0NDVhYTAQ4LuY6t7p/AIaBgjek7CfBiINMjE3LjY0LjE1MS4yOCjC2QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGEzZjQzNzM0LWRhMmYtNGI2OC1iZWJlLTY2MzNhMWEyOWZhMBjaDiIYCAISFGNkczA3NC5sbzQuaHdjZG4ubmV0.bzJjxKPNYvcPNe+1QaXLhlx5gjZ+ELEqOPnY0+qb03w=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 68D9 52 KB
4 KB 201ms
200ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=90397201&m=&rtv=1&thost=send-anywhere.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: b7be969bf8db816e59a323a5631eff5f222c54d053e217219d91c9149949278e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3963

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 97ms
96ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1141155&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60832%2C1%2C&c4=true&c5=&c6=60832&rnd=90397201&m=&rtv=1&thost=send-anywhere.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx

GET
H2

200

cs
cs.lkqd.net/ Frame 17BD
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=2e2e0624-630e-437d-92e8-eaa054541cb1

43 B
308 B

93ms
93ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=2e2e0624-630e-437d-92e8-eaa054541cb1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=2e2e0624-630e-437d-92e8-eaa054541cb1
date: Tue, 14 Feb 2023 22:23:26 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 17BD 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 17BD 43 B
308 B 92ms
91ms Image
image/gif 146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 17BD
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7197319493924728456
pragma: no-cache
date: Tue, 14 Feb 2023 22:23:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 17BD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.166
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.166 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Pq2pqJ-LRCVrLu76uz-I0tlAlxw
Date: Tue, 14 Feb 2023 22:23:26 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 49B1 0
165 B 96ms
96ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:27 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:26 GMT
server: nginx

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
691 B 115ms
114ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C17168126097034039724648447736%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:27 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1676413406966009-335
Expires: Tue, 14 Feb 2023 22:23:27 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
621 B 70ms
69ms XHR
text/xml 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://send-anywhere.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
889 B 41ms
41ms XHR
application/xml 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C7034039724648447736264347821%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6ef9b1e0697f798dc282acfa505a167ec4b9e4769193d9e300eb795f18fa1ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:27 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://send-anywhere.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 643
expires: Tue, 14 Feb 2023 22:23:27 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
621 B 134ms
133ms XHR
text/xml 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 22:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://send-anywhere.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 816 B
1 KB 25ms
24ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C21024980877034039724648447736,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4c2f0c62bdfa4a7eb2b3c56714352ce8e014e85cc9d1ffcabc5a94d29c245ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
x-sticky-vk: 1676413406860090-382
Expires: Tue, 14 Feb 2023 22:23:26 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 27ms
26ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C7034039724648447736452919559%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 622a4cffae4a682c155b9181bab4999e490e79d956557a060b2d22960a67dd1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:27 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1676413406921085-420
Expires: Tue, 14 Feb 2023 22:23:27 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 50ms
25ms XHR
application/xml 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C7034039724648447736741768152%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: acbfce909bb946e57c56e6d618488c5ce4f03894f487943ed5109b458a4541aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 22:23:27 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://send-anywhere.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1676413406898092-333
Expires: Tue, 14 Feb 2023 22:23:27 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 49B1 0
165 B 99ms
99ms XHR
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://send-anywhere.com
date: Tue, 14 Feb 2023 22:23:27 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 68D9 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame A1B3 158 KB
38 KB 36ms
36ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C7034039724648447736264347821%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 05:38:16 GMT
server: Apache
etag: "27981-5f1e24a67517b-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38153

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
94ms Preflight
text/plain 146.20.132.191
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.191 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://send-anywhere.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Feb 2023 22:23:27 GMT
server: nginx

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame DF90 38 KB
14 KB 36ms
36ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C7034039724648447736264347821%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=86596
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Tue, 14 Feb 2023 22:23:27 GMT
expires: Wed, 15 Feb 2023 22:26:43 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A1B3 38 KB
14 KB 42ms
41ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&schain=1.0%2C1%21vidoomy.com%2C60832%2C1%2C7034039724648447736264347821%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:27 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=86596
accept-ranges: bytes
content-length: 13968
expires: Wed, 15 Feb 2023 22:26:43 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DF90 2 KB
2 KB 13ms
13ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24419052&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: dba94bf45114859fb3c81b71d22caa2e3befecdfa3404365be014e51857fb828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 14 Feb 2023 22:23:27 GMT
content-length: 2001
content-type: text/html; charset=UTF-8

GET

bounce
ib.adnxs.com/ Frame 63A0
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D

0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame 6F6D 0
0

GET sync
sync.srv.stackadapt.com/ Frame EBAB 0
0

GET pm
match.prod.bidr.io/cookie-sync/ Frame FB8A 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame DE8F 0
0

GET info
uipglob.semasio.net/pubmatic/1/ Frame DF90 0
0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame DF90 95 B
382 B 51ms
21ms Image
image/png 2606:4700:10::6816:1857

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C143C67E-5897-4C37-B6F8-05CF735E1AD9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:23:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 79993553a9ed9001-FRA
access-control-allow-headers: *
content-length: 95

GET match
a.audrte.com/ Frame DF90 0
0

GET

cr
cr.frontend.weborama.fr/ Frame DF90
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=924759426

0
0

GET

sync
a.sportradarserving.com/ Frame DF90
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

0
0

GET C143C67E-5897-4C37-B6F8-05CF735E1AD9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DF90 0
0

GET

SPug
image4.pubmatic.com/AdServer/ Frame DF90
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L0VubalE2uUCfOcanlraflIjCsZTs2U-~A&gdpr=0

0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame DF90 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame DF90 0
0

POST t
t.lkqd.net/ Frame 49B1 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Send%20Anywhere&time=1676413400828&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&random_number=9740633180&sess_cookie=9cc48194186520676fca7441aba&sess_cookie_flag=1&user_cookie=9cc48194186520676fca7441aba&user_cookie_flag=1&dynamic=true&domain=send-anywhere.com&account=eQzFo1IWx810/9&jsv=20130128&user_lang=en-US

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C143C67E-5897-4C37-B6F8-05CF735E1AD9&sInitiator=external&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C143C67E-5897-4C37-B6F8-05CF735E1AD9

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=924759426

Domain: a.sportradarserving.com
URL: https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/C143C67E-5897-4C37-B6F8-05CF735E1AD9?gdpr=0&gdpr_consent=

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L0VubalE2uUCfOcanlraflIjCsZTs2U-~A&gdpr=0

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C143C67E-5897-4C37-B6F8-05CF735E1AD9&gdpr=0&gdpr_consent=

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
send-anywhere.com/	1970-01-20 18:25:49	Name: i18next Value: de-DE
send-anywhere.com/	1970-01-20 19:16:13	Name: wcs_bt Value: ce4000b198d5a0:1676413400
.send-anywhere.com/	1970-01-20 09:40:15	Name: __asc Value: 9cc48194186520676fca7441aba
.send-anywhere.com/	1970-01-20 18:27:15	Name: __auc Value: 9cc48194186520676fca7441aba
.send-anywhere.com/	1970-01-20 19:16:13	Name: _ga_SHGDYFMJXL Value: GS1.1.1676413400.1.0.1676413400.60.0.0
.send-anywhere.com/	1970-01-20 19:16:13	Name: _ga Value: GA1.2.1307713303.1676413401
.send-anywhere.com/	1970-01-20 09:41:39	Name: _gid Value: GA1.2.1756156818.1676413401
.send-anywhere.com/	1970-01-20 09:40:13	Name: _dc_gtm_UA-42081347-1 Value: 1
send-anywhere.com/	1970-01-20 19:16:13	Name: device_key Value: 0a0a7586d91779a63d786724863e9454cd79c19897a6dcd08402efbcf05ea990
.send-anywhere.com/	1970-01-20 18:25:49	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Feb+14+2023+22%3A23%3A21+GMT%2B0000+(GMT)&version=6.32.0&isIABGlobal=false&hosts=&consentId=ddd6f2a1-76df-4557-ad45-2da0f8f2a7d2&interactionCount=0&landingPath=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.send-anywhere.com/	1970-01-20 11:49:49	Name: _fbp Value: fb.1.1676413401244.257894807
.ads.stickyadstv.com/	1970-01-20 10:23:25	Name: UID Value: f21ebabd0c87d5fb691de87209b1951
.bidswitch.net/	1970-01-20 18:25:49	Name: tuuid Value: fc5c437b-669f-4f9a-9917-8fb033ba92c7
.bidswitch.net/	1970-01-20 18:25:49	Name: c Value: 1676413401
.bidswitch.net/	1970-01-20 18:25:49	Name: tuuid_lu Value: 1676413401
.wcs.naver.com/	1970-01-20 19:16:13	Name: NWB Value: 3ec131bbb5d5c5e051f1ccac90638352.1676413401475
.turn.com/	1970-01-20 13:59:25	Name: uid Value: 7197319493924728456
sync.srv.stackadapt.com/	1970-01-20 18:25:49	Name: sa-user-id Value: s%3A0-3eada9a8-9f8b-4425-6b2e-eefabb3f88d2.0S%2BpV0zD5c1QKbsZrw6iYS5PqYix%2FTP92YNUKHvT0Rc
.srv.stackadapt.com/	1970-01-20 18:25:49	Name: sa-user-id-v2 Value: s%3APq2pqJ-LRCVrLu76uz-I0tlAlxw.maW89Lrqw84sorB9PGxeELCvmChDt6Eh1sZm8%2Be4NOY
pool.admedo.com/	1970-01-20 18:25:49	Name: tuuid Value: 3b95e7c9-aed3-4b82-b2dd-75555c344be4
pool.admedo.com/	1970-01-20 18:25:49	Name: c Value: 1676413401
pool.admedo.com/	1970-01-20 18:25:49	Name: tuuid_lu Value: 1676413401
send-anywhere.com/	1970-01-20 09:40:24	Name: access_token Value: OTg3MDA3NzUxOTc2MDoxNjc2NDEzNDAxMzcw
.send-anywhere.com/	1970-01-20 19:01:49	Name: __gads Value: ID=fab872f81850e5bc:T=1676413402:S=ALNI_Mb8-GlKAg1xCzmb3pDH4yIfcp0lwA
.send-anywhere.com/	1970-01-20 19:01:49	Name: __gpi Value: UID=00000bb708a0b916:T=1676413402:RT=1676413402:S=ALNI_MYiJbluOJHmODlZrqhny3t44pbrxg
.vidoomy.com/	1970-01-20 18:25:49	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImZjNWM0MzdiLTY2OWYtNGY5YS05OTE3LThmYjAzM2JhOTJjNyIsImV4cGlyZXMiOjE2NzkwMDU0MDJ9fX0=
.doubleclick.net/	1970-01-20 19:01:49	Name: IDE Value: AHWqTUnkTOi3pR5nZ-nLVcwo1CRLO7je-6dItucyxKfw4d_Y7wDveU-g3d2vlngaldU
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 7169
.ads.stickyadstv.com/	1970-01-20 10:00:23	Name: uid-bp-30833 Value: 1
.fwmrm.net/	1970-01-20 13:59:25	Name: _uid Value: "v1073_7200140736166978176"
.ads.stickyadstv.com/	1970-01-20 11:06:37	Name: uid-bp-36033 Value: v1073_7200140736166978176
.ads.stickyadstv.com/	1970-01-20 11:06:37	Name: MRM_UID Value: v1073_7200140736166978176
.ads.stickyadstv.com/	1970-01-20 11:06:37	Name: uid-bp-159 Value: CAESEMEGEK1EaQ0DclaLaQP_Dvc
m.stripe.com/	1970-01-20 19:16:13	Name: m Value: ee5bea79-02a7-4e14-86e6-dc54504a6120e3356e
.send-anywhere.com/	1970-01-20 18:25:49	Name: __stripe_mid Value: 8a804839-699c-4ad5-9981-db3b390ae3e8d40df7
.send-anywhere.com/	1970-01-20 09:40:15	Name: __stripe_sid Value: 4d100761-4783-4591-bd0f-6d9028ef11c34f5e11
.pubmatic.com/	1970-01-20 18:25:49	Name: KADUSERCOOKIE Value: C143C67E-5897-4C37-B6F8-05CF735E1AD9
.pubmatic.com/	1970-01-20 11:49:49	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 11:49:49	Name: DPSync3 Value: 1677542400%3A201_197_219_221
.pubmatic.com/	1970-01-20 11:49:49	Name: SyncRTB3 Value: 1677542400%3A54_161_220_21_13_7_56_8_251%7C1677628800%3A35
.quantserve.com/	1970-01-20 11:49:49	Name: d Value: EM0BCwGlKPijAA
.quantserve.com/	1970-01-20 19:10:27	Name: mc Value: 63ec09dc-d9d4b-01019-34849
.onaudience.com/	1970-01-20 18:25:49	Name: cookie Value: e8e3a59b09d0621b
.onaudience.com/	1970-01-20 09:41:39	Name: done_redirects104 Value: 1
.fiftyt.com/	1970-01-20 18:25:49	Name: fifid Value: 07781b83-1ce8-4ed3-5556-d51e02822ef1
.fiftyt.com/	1970-01-20 18:25:49	Name: cs Value: MTY3NjQxMzQwNHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fLtsR5kX2whktGtXgIS3K9SU7sG7cJge-hnR_ttynltt
.simpli.fi/	1970-01-20 18:27:15	Name: suid Value: D1273FF5EEDB4848BFDA5CAC2CC65AFA
.fiftyt.com/	1970-01-20 09:50:18	Name: fppm Value: 20230214222324
.adform.net/	1970-01-20 10:20:32	Name: C Value: 1
.de17a.com/	1970-01-20 18:18:37	Name: guid Value: 1.78574922712422947
.pubmatic.com/	1970-01-20 10:23:25	Name: KRTBCOOKIE_153 Value: 1923-uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK&KRTB&19420-uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK&KRTB&22979-uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK&KRTB&23403-uQbB9b8MwPWiUZ3yu1eJpr4Fla-iBpCuuwxSGmxK
.pubmatic.com/	1970-01-20 10:23:25	Name: KRTBCOOKIE_80 Value: 16514-CAESEEcj-ooHLjW3Mn4cMEco__U&KRTB&22987-CAESEEcj-ooHLjW3Mn4cMEco__U&KRTB&23025-CAESEEcj-ooHLjW3Mn4cMEco__U&KRTB&23386-CAESEEcj-ooHLjW3Mn4cMEco__U
.adform.net/	1970-01-20 11:06:37	Name: uid Value: 5300975818534935871
.pubmatic.com/	1970-01-20 10:23:25	Name: KRTBCOOKIE_391 Value: 22924-5300975818534935871&KRTB&23263-5300975818534935871
.mathtag.com/	1970-01-20 19:06:08	Name: uuid Value: c7d263ec-09dc-4d00-b2c1-0ed66de12bd1
.pubmatic.com/	1970-01-20 10:23:25	Name: KRTBCOOKIE_336 Value: 5844-78574922712422947
.pubmatic.com/	1970-01-20 10:23:25	Name: KRTBCOOKIE_27 Value: 16735-uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&KRTB&16736-uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&KRTB&23019-uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1&KRTB&23114-uid:c7d263ec-09dc-4d00-b2c1-0ed66de12bd1
.pubmatic.com/	1970-01-20 10:23:25	Name: PugT Value: 1676413403
.amazon-adsystem.com/	1970-01-20 15:09:59	Name: ad-id Value: A5r6VLv_t0O2sl2FnoNmH28
.amazon-adsystem.com/	1970-01-20 19:16:13	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 11:49:49	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 11:49:49	Name: pp Value: 156498
.pubmatic.com/	1970-01-20 09:41:39	Name: PMDTSHR Value: cat:
.csync.loopme.me/	1970-01-20 11:48:23	Name: viewer_token Value: 2e2e0624-630e-437d-92e8-eaa054541cb1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Send%20Anywhere&time=1676413400828&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fsend-anywhere.com%2Fweb%2Fdownloads%2FLZERUAA6&random_number=9740633180&sess_cookie=9cc48194186520676fca7441aba&sess_cookie_flag=1&user_cookie=9cc48194186520676fca7441aba&user_cookie_flag=1&dynamic=true&domain=send-anywhere.com&account=eQzFo1IWx810/9&jsv=20130128&user_lang=en-US Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e8e3a59b09d0621b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
8859bbfba150072556272fc0506147c5.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
ad.lkqd.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
adx.adform.net
apis.google.com
aud.pubmatic.com
c1.adform.net
cdn.cookielaw.org
cdn.stickyadstv.com
cdn4.buysellads.net
cdnjs.cloudflare.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
cs.lkqd.net
csync.loopme.me
d31qbv1cthcecs.cloudfront.net
d4a553n24khrv.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
ekr.zdassets.com
file-18-138-227-164.send-anywhere.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js.stripe.com
m.servedby-buysellads.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
q.stripe.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.analytics.google.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
send-anywhere.com
send-anywhere.zendesk.com
sendanywhe.re
simage2.pubmatic.com
srv.buysellads.com
st.pubmatic.com
static.zdassets.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.lkqd.net
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
v.lkqd.net
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
wcs.naver.com
wcs.naver.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.audrte.com
a.sportradarserving.com
ads.stickyadstv.com
certify.alexametrics.com
cr.frontend.weborama.fr
dsp.adfarm1.adition.com
ib.adnxs.com
image4.pubmatic.com
match.prod.bidr.io
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
sync-tm.everesttech.net
sync.srv.stackadapt.com
t.lkqd.net
uipglob.semasio.net
104.16.53.111
104.18.70.113
104.18.72.113
108.128.57.95
108.138.17.48
110.93.147.30
13.224.189.38
13.225.78.123
13.225.78.95
141.94.171.216
142.251.208.130
146.20.128.166
146.20.132.191
151.139.128.10
178.250.0.163
18.138.227.164
185.29.134.248
185.64.189.110
185.64.189.111
185.64.189.229
185.64.190.89
193.108.153.18
198.47.127.19
2.18.36.193
2001:4860:4802:34::36
2001:4de0:ac19::1:b:2b
213.155.156.185
23.37.54.90
2600:9000:20eb:5600:19:7d10:bd80:93a1
2600:9000:223c:dc00:13:8224:bec0:93a1
2606:4700:10::6816:1857
2606:4700::6810:9440
2606:4700::6811:180e
2606:4700::6812:1a55
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:400d:803::200e
2a00:1450:400d:804::2003
2a00:1450:400d:805::2001
2a00:1450:400d:805::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:4025:401::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.19.54.139
3.33.220.150
3.69.181.182
35.201.96.126
35.204.74.118
35.210.53.219
35.214.223.115
37.157.2.238
37.157.6.233
44.233.72.180
46.228.164.11
52.29.59.149
52.29.63.1
52.46.155.104
52.87.37.104
54.187.159.182
54.218.234.75
64.227.70.247
67.220.226.233
69.173.144.139
69.20.43.192
0114ab589ce42ed402ce67254aa06f725f6b53e4a04d2f79b4b01fc92501dcf1
02d0da75beab0ee354a4a763744a30e53cda7587cf89e9c5ed01312fe54843e8
06249d9975c974f035ec22c9962229039e76203f034e19ccb939008c8a10ebff
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0843a8b1ed6c8186089dfddcd0a78101eb7326511fdbd35e6fc9232788cd2770
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb7968ac859bfa8a2b923fb18139d71963d4a8c13298d777230ea9b2c0cddf3
123d1a72aad66a296c9eb53058fb1b2c1537c4c582745c5f23aac661f253c05e
1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
1767fb0be5d1b0cee1088827d7fd4470574e9f9b9f7c69145c973e77bf70b94b
184eaa8803f1aa2d61427b96a3b7b34d25f352f4b9cf3ba38417d96ab37d30c8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18b67a24ca79c181d718ebf526f5547858b753012bc7c9d38d950df4d9d11a7f
1a7b64e4f352350e6220d17ee15893c38da9d0ab4fb950bc22ac8a4897f90b71
221192bd0ad42a7db77edd2aaa5cbb4a3b0fee10d107f953f42c9d5e5b47f102
22f04546bac45019036a5f352b5fef530992effadf84b2c1ffc62e27ddb7a22e
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a
2811b85d977be142abdd18dafaf7bd22b1cf7e6766486530daf97c48b2481451
284cc0215846e0177a71374a6b5edfc803d932978413faca489263984d2866fc
28ad17ca9b414d74104055f240348c8efbdd3820e36942d610aa715f81b0aae3
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34733e6f59010024c036b2a25e711808ef85bfcca8e1afd607ba34bfa762bfb6
36aab678d1021aaf22136cddf38e78b5862c7d14d472ebf79bfe3681604fc383
378df85808f18992a02c729575753613d1e35facf9a65abaa9af181b434fa828
3a8483ebd1ddeeb1c8f0be2e65c019eed4dec1dec6ee7d9058274f683dc64c13
3ab30e780c8b0bcc4998b838a5b30c3bfe28edead312906dc3c12271fae0699a
3d721e8b87d0aa3f3a7d7fe2ed9a49da6c5a47cb2977c16a32ea87be19eb237d
3dadc541ad4ea7eaf3b205b375193f53a70107a022beb8a2e82138a295e0886d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f112e178e380888d1b8c1a22a61becf9db33cc04bd54c961a410bc930dba916
3fef4c190d8296649859de74e1cc0c1f75d535f85fe2fc91c94d21991ae629c8
406a19658aa4d2360fdb055b2de79f5738828c20efdd64c8932ad8c907d43684
4196239cf4cdf6d8aab98bf36a19c2fcb9c3e3550fb01b0a6b313ce6c24237e0
45c978fdeff4d572910ce4c58a1e63b813ca11e6f600feb29a61204579c6c95e
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468e579fe1210fa55525b1c470ed2d1958404512a2dd4fb972cac5ce0ff00b1f
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4c2f0c62bdfa4a7eb2b3c56714352ce8e014e85cc9d1ffcabc5a94d29c245ff7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
509279aeefd010f7339eb30d286df9eff75ac4e46ea353d9e927d36e09bd4b72
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
53e297669e649405941162ef3af800c2267a85450cc6f033c325336b010151a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595ce98672716d048593078a59735472c0dbb39a3dfc5851ff5cb42fc11b3f52
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622a4cffae4a682c155b9181bab4999e490e79d956557a060b2d22960a67dd1b
626d691fecf868ad2aff6fb3f15b67d197fc9508fa4185e57358288bd44b02b2
628ea950fe26e339e96f08a99e89e833a82c90e1af5cbff881238fa0bbb20390
6398a1f7512d45058464af4b152e8a964aa37aef399c225155b85d0f690553c0
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65c6f5e7ba65b5155117a3e091ba1c82d4022ee2e169664efd4de8d59f6ad4a1
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
68207dccf2ecf9ad0171618fa5c81ac381f7cb3c151831d23a070da37df76386
6d932fbcfbf764d7a76daa5240ee3653f6c93d79f938ec1b23615d054c3eddfa
6de975208beb540a48d1eba1762623b6a63496dac766ad33f7e71bc6a58ac7c2
6e5b1cd79bb4d502e5b937f49227435b6e2bc4d80a267e0800a61dbc411ce203
6ef9b1e0697f798dc282acfa505a167ec4b9e4769193d9e300eb795f18fa1ff3
740a65e5b0603f86e0939ab4e9e3ae835a8bdbaf75424a91757420570c22d2d5
7439d3888e14cb3e3cc3d55eb23e69de9a22b649556962b42becdeb7ad0dc810
76292a41e0ceb617c0ebb8d07f51e2c1d1d650265865888de72af9ed461227a4
78760d53e7f8cb315ea0ca1ca2893a64a7373d89086f51da9fd343f027c2f326
7a37a7dd846a0e0b60dc7aafbecabe405c2d83f7a2185d1b36fc6c5ba6770eca
7bc793f2ef02cc9c06ef8e06852b3f50556d4d7336b2e59fc1de0ad1fa830bfb
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
82e8f97388db2fde014004e7eb310df127012d3b2a397d98c1e6fe47a5bcd403
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8b5a0b4e50196e99b823f22a7ed11b3408e2169f44ecfbc09738f1ee6c6b15
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
953a35ff5b5d5d1a13fcec06d8fe86f552d115b14a6d0116b5db3336f820c9f8
971f0e97345886c34928338b62f893d6fd0dcb72d9b24356dfa8e0d803220097
980c5d3f2c9d21b9c5ddd170f98a7a3f77a8e96cf2406ed205d5ce339aeabf91
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a155f769a1430ac17a509c17f6533092f7fd99b889b3d4cf6c0bc431c22326d8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a87c3776603e3f167b7c79e81aa8cd52c447d93fb20274e459ab1c4df9508b2a
acbfce909bb946e57c56e6d618488c5ce4f03894f487943ed5109b458a4541aa
adb28257114950cbccf3af0b94c9112fc33039d5705294df03f12cdf6f6489b4
ae41451259aec0453920172b9097440ad46c9187b2c5b1f536cea107537b1c86
b7be969bf8db816e59a323a5631eff5f222c54d053e217219d91c9149949278e
c018d8bd0c23e4d9c275b42dadf171c1ae1c0f1ac4c9811d9c152e296f237831
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3bb6da0075edfb0ca14eddec1e96238e8e899a64c8e84cc7437cff84581d29e
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782
ce17f5d2a157faabccbd5f58b194f18c8ffab94cc03bfb0701a2812db66075da
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dabd3c5bede77600acfa17dd39e93305af80476b04d0aaec4c116d560d2d1d40
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dba94bf45114859fb3c81b71d22caa2e3befecdfa3404365be014e51857fb828
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
de11ab1e8e650b5fe51bf2b956108f08fb2612f60ba730633640a3ec4770eed3
dff3d80d85e9ee2f9ca4ecc4c68b8d1da680a754ba1d998e438de8a9b805fe24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6abd49b684ee5d044a7a0c17c9ecba4b43e293a560642eb4d681396f7b436fb
e861595fa7024f9db1f207582d5d79149e244e4118e7c71975a6c816e9dd5922
eb19f07caa6669de583e56432f8b0df10c22d4cea1362dd4badb2985a5b67fa4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4f824f1bffdb6e9cddff4496c04e968b9b59eafaa561025abc79343d22dcdef
f62078c9887750aa2191f6fa53bbef9af30d070f1980cefb7cdc039cbae1d5b0
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fea5977fe69a13838d8c6df5869751e0baaa5b7c45a54531b02aa8df7a4e1549
ff2772fb1b6b2dd981639a32d57e8d79a75cf4c26d422208a652193404179f6b

send-anywhere.com Open in urlscan Pro 13.225.78.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

312 Requests

77 %HTTPS

34 %IPv6

60 Domains

89 Subdomains

60 IPs

13 Countries

7732 kBTransfer

13665 kBSize

64 Cookies

3 Outgoing links

Page URL History

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

send-anywhere.com Open in urlscan Pro
13.225.78.95 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

77 %
HTTPS

34 %
IPv6

60
Domains

89
Subdomains

60
IPs

13
Countries

7732 kB
Transfer

13665 kB
Size

64
Cookies

312 HTTP transactions
8 data transactions