urlscan.io logo urlscan.io
SecurityTrails logo

www.file.io Open in urlscan Pro
13.224.189.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://file.io/LD4HUmcyRMQo
Effective URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Submission: On October 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 12 countries across 33 domains to perform 98 HTTP transactions. The main IP is 13.224.189.94, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon on February 24th 2022. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.233.226.104 14618 (AMAZON-AES)
34 13.224.189.94 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 64.20.35.44 19318 (IS-AS-1)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 185.89.210.20 29990 (ASN-APPNEX)
1 141.95.33.111 16276 (OVH)
1 1 95.101.200.23 16625 (AKAMAI-AS)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2 203.195.121.141 7979 (SERVERS-COM)
1 18.158.86.133 16509 (AMAZON-02)
1 216.52.2.39 32475 (SINGLEHOP...)
1 213.19.147.45 26120 (RHYTHMONE)
1 3 104.18.18.126 13335 (CLOUDFLAR...)
2 23.35.236.201 16625 (AKAMAI-AS)
1 1 96.16.141.156 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
1 51.89.9.251 16276 (OVH)
1 198.47.127.19 3257 (GTT-BACKB...)
5 5 142.250.185.162 15169 (GOOGLE)
3 3.33.220.150 16509 (AMAZON-02)
1 2 52.46.143.56 16509 (AMAZON-02)
1 4 185.80.39.216 27381 (CASALE-MEDIA)
1 35.214.174.31 15169 (GOOGLE)
1 1 185.183.112.148 60350 (VP)
3 3 103.229.205.243 ()
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 4 37.157.6.252 198622 (ADFORM)
2 2 213.155.156.164 1299 (TWELVE99 ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
1 2a02:2638::22 44788 (ASN-CRITE...)
1 2 52.94.223.37 16509 (AMAZON-02)
1 198.47.127.20 ()
1 1 141.94.171.215 16276 (OVH)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 69.173.144.139 26667 (RUBICONPR...)
1 69.173.151.100 26667 (RUBICONPR...)
98 36
2    34.233.226.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-226-104.compute-1.amazonaws.com
file.io
34    13.224.189.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-94.fra2.r.cloudfront.net
www.file.io
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
1    64.20.35.44 (United States)

ASN19318 (IS-AS-1, US)
PTR: bid.glass
bid.glass
8    2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0a0c9666f77ea5887867ec1f4aafeac2.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com
hbx.media.net
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2600:9000:20eb:1400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    18.158.86.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-86-133.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    213.19.147.45 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
3    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    35.214.174.31 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 31.174.214.35.bc.googleusercontent.com
csync.loopme.me
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    103.229.205.243 (None, )

ASN- ()
sync.mathtag.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    2a02:2638::22 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
36 file.io
file.io — Cisco Umbrella Rank: 545428
www.file.io
789 KB
10 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
image2.pubmatic.com — Cisco Umbrella Rank: 894
simage2.pubmatic.com — Cisco Umbrella Rank: 706
image4.pubmatic.com
26 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
131 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
0a0c9666f77ea5887867ec1f4aafeac2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
42 KB
8 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11074
sync.quantumdex.io — Cisco Umbrella Rank: 4696
2 KB
7 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
5 KB
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929
eus.rubiconproject.com — Cisco Umbrella Rank: 596
token.rubiconproject.com — Cisco Umbrella Rank: 682
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852
11 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
3 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
793 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
3 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4553
562 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2142
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
548 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
612 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3372
419 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 679
363 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9937
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1415
300 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
40 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
1 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2970
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
282 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 554
35 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 717
240 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1195
450 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
1 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
792 B
1 bid.glass
bid.glass
317 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
27 KB
98 33
Domain Requested by
34 www.file.io www.file.io
7 sync.quantumdex.io www.file.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
5 cm.g.doubleclick.net 5 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 sync.mathtag.com 3 redirects
3 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 ib.adnxs.com 3 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 simage2.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 eus.rubiconproject.com sync.quantumdex.io
eus.rubiconproject.com
2 ads.pubmatic.com sync.quantumdex.io
ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 www.google-analytics.com www.file.io
www.google-analytics.com
2 file.io 1 redirects www.file.io
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 um.simpli.fi ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 ad4m.at ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 csync.loopme.me ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 onetag-sys.com sync.quantumdex.io
1 secure-assets.rubiconproject.com 1 redirects
1 usermatch.targeting.unrulymedia.com sync.quantumdex.io
1 ap.lijit.com sync.quantumdex.io
1 match.sharethrough.com sync.quantumdex.io
1 s.ad.smaato.net sync.quantumdex.io
1 hbx.media.net 1 redirects
1 id5-sync.com sync.quantumdex.io
1 www.google.com tpc.googlesyndication.com
1 0a0c9666f77ea5887867ec1f4aafeac2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 useast.quantumdex.io www.file.io
1 bid.glass www.file.io
1 www.googletagservices.com www.file.io
1 stats.g.doubleclick.net www.google-analytics.com
98 49

This site contains links to these domains. Also see Links.

Domain
file.io
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com
Subject Issuer Validity Valid
*.file.io
Amazon		 2022-02-24 -
2023-03-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.onezo.bid.glass
R3		 2022-10-02 -
2022-12-31		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
s.ad.smaato.net
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 17 frames:

Primary Page: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Frame ID: DA7F4A8087D2B8380EABA23AD5B1EE02
Requests: 49 HTTP requests in this frame

Frame: https://0a0c9666f77ea5887867ec1f4aafeac2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C942F0FFBF67DA30D2AD28371EF30FE6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5EAE4C582C25CB88FD851A8176E9044C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35CCD3B49BB9A05C407437CF200C7819
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 948536A124A83354038A9E06D9E56212
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: EC59D781D74A19CCF27B616750523ED1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 94A982CF0F71D9E694AAA51AF0CDC3C6
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 573C1FFE95D10B7D4D62F18571ABB4B6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 1D0257C68440AF0E3584BB370CEBFE31
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 9F53FE553A33558721F5743C16401D7C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D45E9264-993A-4E94-B856-DD144FE9F843
Frame ID: 879779DA9720D06D8161F21EFF752C94
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9158942738723639914
Frame ID: 78211DD153218D411901F17959F06DA9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d8976359-c6d1-4b00-9ae5-014a34cbe9c0&gdpr=0&gdpr_consent=
Frame ID: D2ECD054F513496882FDF4996991F868
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BA099981B1DB210F5BCD676B84CA6FF8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2405595269968055214&gdpr=0&gdpr_consent=
Frame ID: 39DEE8E6BE93A140C2E433C8E60A2667
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D45E9264-993A-4E94-B856-DD144FE9F843&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: F792FAD82BD8012E7A7A9F00BB44719A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=D45E9264-993A-4E94-B856-DD144FE9F843
Frame ID: 33122560B6411036573BDC98A0A3D0E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download | file.io

Page URL History Show full URLs

  1. https://file.io/LD4HUmcyRMQo HTTP 302
    https://www.file.io/bf7P/download/LD4HUmcyRMQo Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

98
Requests

84 %
HTTPS

27 %
IPv6

33
Domains

49
Subdomains

36
IPs

12
Countries

1059 kB
Transfer

2648 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file.io/LD4HUmcyRMQo HTTP 302
    https://www.file.io/bf7P/download/LD4HUmcyRMQo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2405595269968055214
Request Chain 57
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 58
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-o9t9yO9E2uHmmfan1W5UfNNjpyyupY3q7PrdWfs-~A
Request Chain 60
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=55e5203a-09ed-542c-b39d-cb19d0c40dc8
Request Chain 61
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZGJjY2IqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTM0NjljNjk2LWMyODEtM2E5ZC1hNzU2LWMwODIyNThkYmNjYjICBhI4AQ==%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZGJjY2IqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTM0NjljNjk2LWMyODEtM2E5ZC1hNzU2LWMwODIyNThkYmNjYjICBhI4AQ==&buyeruid=fb8f78b2-5ba0-4632-b212-52c6f3829b8d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZGJjY2IqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTM0NjljNjk2LWMyODEtM2E5ZC1hNzU2LWMwODIyNThkYmNjYjICBhI4Ag== HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=771d947f-f997-4448-b280-3b29f11ef5c8&r=Cid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZGJjY2IqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTM0NjljNjk2LWMyODEtM2E5ZC1hNzU2LWMwODIyNThkYmNjYjICBhI4Ag== HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3469c696-c281-3a9d-a756-c082258dbccb
Request Chain 65
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 67
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 70
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMAIL8qFV18sdc2ZbqXKUwA&google_cver=1
Request Chain 72
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB&dcc=t
Request Chain 73
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1nG0HFRb6GU5XhTDJWuwgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELD7_ofpqgCMsNWzs-JGZQ0&google_cver=1
Request Chain 75
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 76
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=60296359-c6d1-4400-93bc-36e3407ad03f
Request Chain 79
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D45E9264-993A-4E94-B856-DD144FE9F843 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D45E9264-993A-4E94-B856-DD144FE9F843
Request Chain 80
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9158942738723639914
Request Chain 81
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d8976359-c6d1-4b00-9ae5-014a34cbe9c0&gdpr=0&gdpr_consent=
Request Chain 83
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2405595269968055214&gdpr=0&gdpr_consent=
Request Chain 84
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D45E9264-993A-4E94-B856-DD144FE9F843&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D45E9264-993A-4E94-B856-DD144FE9F843&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1F6SZJk6TpS4Vt0UT-n4Qw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 87
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2cfa6359-c6d1-4500-b093-212c26b0d0c6
Request Chain 88
  • https://pixel.onaudience.com/?partner=214&mapped=D45E9264-993A-4E94-B856-DD144FE9F843 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDQ1RTkyNjQtOTkzQS00RTk0LUI4NTYtREQxNDRGRTlGODQz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7HYfYFBLZ5zGazyVFH98s&google_cver=1
Request Chain 92
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=913337912603029109

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request LD4HUmcyRMQo
www.file.io/bf7P/download/
Redirect Chain
  • https://file.io/LD4HUmcyRMQo
  • https://www.file.io/bf7P/download/LD4HUmcyRMQo
312 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59bf619f845b59cb0bc97aa5f41941975609d290501243e71716c429c817f560

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 23:46:20 GMT
etag
W/"59b8cce2f892105f8e39b4e78de42577"
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-id
xvjIr3BjR2yClzEVrG7so-Q8U3UCwWtuDc3Q889fCdNU1SgFNkY_Dg==
x-amz-cf-pop
FRA2-C1
x-amz-id-2
cBXVzcWmd/06eF9I1BOYT3PihMfBEwBBuqtxLMeaPWxKkPPSaIghqx3nZG0e9XLchXJhYp3SSoM=
x-amz-request-id
WWCNA2E4DZFHP0R1
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length
136
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 23:46:19 GMT
location
https://www.file.io/bf7P/download/LD4HUmcyRMQo
retry-after
1
vary
Accept
x-ratelimit-limit
1
x-ratelimit-remaining
7
x-ratelimit-reset
2022-10-26T23:46:20.200Z
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.file.io
URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 23:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1826
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 27 Oct 2022 01:15:54 GMT
app-438588750f6b6905c6ff.js
www.file.io/ 		638 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/app-438588750f6b6905c6ff.js
Requested by
Host: www.file.io
URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bfbb8f42b3e79f5e8093d4459dbc75d1c9cb481c5c13c31b34ffc1890f0b787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:39 GMT
server
AmazonS3
x-amz-request-id
SRS7GCGA4YHDF860
x-amz-cf-pop
FRA2-C1
etag
W/"bf53dfdd7a2d5df4ce50d7ce51826663"
age
225493
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
YATRA2Z_MvRGKXmJ7FwtT4aF19Z4nL-MUi7uiv9TE0KsLFBOt4U0BQ==
x-amz-id-2
MRv5yEpnbL/ghwGbI9U3f9HIIoPF4wmqt5w61T64V58ftr3ybyrSyoT4QzKMuIgtmVok57bgzBY=
0eceb729-761e2b4090024f08e2ca.js
www.file.io/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by
Host: www.file.io
URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:34 GMT
server
AmazonS3
x-amz-request-id
SRS63QM99MTAAKZA
x-amz-cf-pop
FRA2-C1
etag
W/"d8fa3e295945b4065c7adabadd2be99b"
age
225493
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
9buneHvUj-dN2frDGn6KlC8uV91r0tiplllvRKIW1Ti3okSq5YSo_w==
x-amz-id-2
JxxWHVWeObB7WjGHfuIsjkF2XMjXJt4HdGiZ9sPl8U8Qp+mDT1zX5IIgZVajyZ2rSyGPv1tJpY8=
d6a9949e-4e9c210da2d83a376ddb.js
www.file.io/ 		51 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by
Host: www.file.io
URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
x-amz-request-id
SRSE0J7DGTDV1TD9
x-amz-cf-pop
FRA2-C1
etag
W/"2feda6389a53a29ad5102ef7918752f6"
age
225493
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
RAA9sp6yup50mZfayaYfcAgxVqIv519sTOXSilrRrn046xVt6eAOzg==
x-amz-id-2
L3LHmssI5k48PAA48H5dihyJAqH4BrKFEt7CjYyYYAjB75SsFBybBYOKyBMXO5BtqfHHeczAYI0=
e82996df-3c73e38611643c5bb219.js
www.file.io/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by
Host: www.file.io
URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
x-amz-request-id
SRSCBT94885ZFG0W
x-amz-cf-pop
FRA2-C1
etag
W/"785aafc2bda0f767992456b4ba1b0627"
age
225493
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
FIOss4vL8QA9ydAbsVuFVZi2mTapXC8QImO20-Ls8MMYUJvYUM8r7w==
x-amz-id-2
tbFVwHmDl6PIyjM2veQ9XlBQ7NLY7EL6vuloNI8hT9UwcuvFvbPQYDlXBRUSz8cOlwNPk/Fav7c=
framework-8fce40ee519418a713c9.js
www.file.io/ 		145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by
Host: www.file.io
URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:43 GMT
server
AmazonS3
x-amz-request-id
SRSCP1BDBWX1GZWE
x-amz-cf-pop
FRA2-C1
etag
W/"c4a5f7717ceee6ea81514ff62873ada9"
age
225493
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
9PVtrcYDa07rtTLAI4-vId-rUhLFBSFd7o81Tpg5Jpa0lZoG8540-w==
x-amz-id-2
o6oF1SEnq8r3RjN03V8Onv2fS9J2Po2Bk5PUzzHs7He60/9IHlLDI5L5FNx8cWFpRU03221Mcoc=
webpack-runtime-048164bed35c94f5e17a.js
www.file.io/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Requested by
Host: www.file.io
URL: https://www.file.io/bf7P/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10dcaaf69bd430ace51c25e2c8a0d676faaedf2bce0acabaa1def47c7bcc0ad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:07:31 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:47 GMT
server
AmazonS3
x-amz-request-id
MRVE1V48XWWMW8H8
x-amz-cf-pop
FRA2-C1
etag
W/"e0397cf582f6a185758876a8b057cc11"
age
225530
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
EDUOjrpm3R8CjgVjhuL_flO-aq9_ripIAODI9tdmUNZqu1bx1oiW0w==
x-amz-id-2
VU45pltBY/MukrZU57W0JAeKGZKnxSRqtGnH5wfRnH9we+KjGlFDKMwSlmmg/zwGqC8TIl4N1l0=
app-data.json
www.file.io/page-data/ 		50 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27b75a7887b7fd3716f7abff1ede95e77201eab7cbb4cc167d250c2082a56871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 05:52:46 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
NAHD0QV8986YQDGD
x-amz-cf-pop
FRA2-C1
etag
"c2add5c1ce131d8981ee8ababaf5ec74"
age
64415
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
50
x-amz-id-2
cem4N/LEZ5hv8h0RsefRB9nuV8rimV5hVlXAw8Umy2bNAtwimmw9v11YJdIvmeVIX51x91NJjwU=
x-amz-cf-id
wtQz8Hd_8ASHLfsk5b9ijtl3IpMDKSVmM31ZRlYuGr5JJdGS9iLpdg==
page-data.json
www.file.io/page-data/downloadStopGap/ 		208 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/downloadStopGap/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 05:52:46 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
NAH6W6HP351WCMWF
x-amz-cf-pop
FRA2-C1
etag
"a2bc2e30a9725de62058caf12cd11a0e"
age
64415
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
208
x-amz-id-2
n5vpt1YutDhEjv9JCfkC8gjNDgv+llHaHuiZvqKcG5dDlA+SMs5wo75L8hDN5tj5y444mqkG7ok=
x-amz-cf-id
kPrZLJqC83iWuVQDSoEROZjaNFCbK9dFu32AQRpaCMT2Y0QxzhE29Q==
cb1608f2-c3c6ab3068acdccdccc5.js
www.file.io/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/cb1608f2-c3c6ab3068acdccdccc5.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb26ba7d6c1e90849f333847be322f55b4de508d294467d7c8a7f1cd70d366f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:39 GMT
server
AmazonS3
x-amz-request-id
W7FN4MK6W17MCM8E
x-amz-cf-pop
FRA2-C1
etag
W/"be2740357851b35d3b50ac372bdc1864"
age
225492
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
LOqPbGW5NUQmGntafay_WvSfkX1MrWk2OxOsBE99-o24bseuVPQt5w==
x-amz-id-2
VypVug1DIpGbHsNTadoU0QGmXqpk2R2GxzJzXaYMLpeGu2+YEwiRX4CtA+pfOAWH0UwAGZM/aI8=
a9a7754c-f1b5f9c5144f62adc766.js
www.file.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:36 GMT
server
AmazonS3
x-amz-request-id
W7FV1F952NQGEQX5
x-amz-cf-pop
FRA2-C1
etag
W/"4ae04cdf11989fa265bb8cc9b598298f"
age
225492
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
nQE_0PL5Mqg8trbg4WtKy5UHR6ikKaoF1rK_05DiFJRd1dT5KVDIZg==
x-amz-id-2
aBMEd5ZuNqmIoPAu76M55AHelZKLSTOteblTs1nV76N0dFkFM+x393D1YC/08Vn93PrHbp9IGRU=
381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js
www.file.io/ 		117 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a057fa3a8cb5ddac308191c23926e496ed8874cc71e6640806a09760e6732a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:35 GMT
server
AmazonS3
x-amz-request-id
W7FWHCWENB9747XM
x-amz-cf-pop
FRA2-C1
etag
W/"d7b6ca59f2fccbba3f62d8b48c85f4ab"
age
225492
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
BHtD3GifbTJzueGkYwq0TkRLjSod6dzpFhbBKjr5sewBtQusTA2Liw==
x-amz-id-2
Gj21ZWbkKC5kP3+7VOu6YQJOMs3J+tgeoW+uXLf4UR0QIy7vbR5BGDeu2WNSk/Fq8dGtTxd9kg0=
a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
www.file.io/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:36 GMT
server
AmazonS3
x-amz-request-id
W7FJJ34V3GD5AKP2
x-amz-cf-pop
FRA2-C1
etag
W/"2b921aab089ea83ec7bb825f970e0b68"
age
225492
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
SW7KN6deYMES_JVjfETzzXudn9SES67DN7gO5gzlB4qG04fgcSVFSQ==
x-amz-id-2
1UO22uvA0B/HYbkcJl0IkwJwf074iSXMkLcO/ho4H+ROBjm3ZnVr4zV0tFfeRll/7p2P/rUYc5aJd0bMbUoXzQ==
6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js
www.file.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15a6c1f335e08bfbef5ddca3572088dfa897eaa5a7c020885e33a73e769e2833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:35 GMT
server
AmazonS3
x-amz-request-id
W7FJHG0Z276CEB0H
x-amz-cf-pop
FRA2-C1
etag
W/"28a08914b667bd7d6c376d859bef83e6"
age
225492
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
CsbgSkx85Pv8JzaL5_tEjGZMIEEjHqObCl1TUquTrSIXyidResZHZQ==
x-amz-id-2
PpWFgMl0mGur71Fgu8M1djCeDik58sepZIqKNI8RUykvw7FUJCXehEhu0llC2N842fTw/TAluKA=
e98b170d240584cc273f592e36a9137245db2ee9-dfa71bc7c182e143d729.js
www.file.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e98b170d240584cc273f592e36a9137245db2ee9-dfa71bc7c182e143d729.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c6c40892eeac45630835e71ea88a7bee39454223bc54fdeae25ed642cb11a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:07:32 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:43 GMT
server
AmazonS3
x-amz-request-id
YHPZ29BT8843JN7N
x-amz-cf-pop
FRA2-C1
etag
W/"d3020b9765fef3dbbe2edff35496bdd2"
age
225529
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
9nieqhF3vDpo4IpCo5wrCcFeqC3D5rxeA1X5wUKv-DKMe79yEr2fEA==
x-amz-id-2
w8+NNEicWy/Rmxpq7QfR+0U8bb3q8Hmh9d5g6HpFQjTlNiMjZ2PtSMphgtaTBp/2vq0i6hXs5Bk=
03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
www.file.io/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3176130038be20ee8b06cd5fe0581a5af3cc00ad74fbe357bf912dbf597e354c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:12 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:34 GMT
server
AmazonS3
x-amz-request-id
RG6XWD8M38CJ7AS9
x-amz-cf-pop
FRA2-C1
etag
W/"95dc1a5c4346aabef840745fe774bb62"
age
225489
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
AtrGP-zdIRRDYrltGXmooU4fcionoCPCSvmqKiQZgic4VaazxCtZ5Q==
x-amz-id-2
ZVr6Qlw06+8gFKfcSc3/MbkSINm5tCPO2V94mr6lHw6MNoxw49gxrZdbTVqVtV0o7SBIThw6TMg0RqnedtONPw==
component---src-pages-download-stop-gap-js-34bb5ee9867992aabea8.js
www.file.io/ 		400 B
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-download-stop-gap-js-34bb5ee9867992aabea8.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdf482b1595dea6b2f3db2b253bca64e053aabbdf23a0b2fb5cc40d9e0c745ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:11:28 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:40 GMT
server
AmazonS3
x-amz-request-id
H9B2AGQY8G4Z9GQP
x-amz-cf-pop
FRA2-C1
etag
"3225401b5dee9afc24ffc305b1eac20e"
age
225293
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
400
x-amz-id-2
1euIjD0IuvdfG4gxfdP1pIDIeArwZ6NkVDgDevuBo4+3YpYrM60oUBAb1sg1azHK6q73U+xZEZ4=
x-amz-cf-id
mQ7OKgxLkYOysj46kMXtFBupoNw1-bgiZYP8ghLEqX8wQYP1OJCJww==
1655680770.json
www.file.io/page-data/sq/d/ 		447 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:01:05 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
H5W1HGD1PSHZ20D5
x-amz-cf-pop
FRA2-C1
etag
"c839c57483bd5d788408e7fc88e7cc8d"
age
81916
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
447
x-amz-id-2
SFbmDmF9GjegQ6jxBqvWu6bOXNGBVX+ix9fVBIn+BpDEzUVnlKrGrGgjvmkMtImB8bjucDzrCc8=
x-amz-cf-id
fHsQMU1IpjiKSrlROBkl0Lrg9iweUDB6lVmzLfD7N0d6ZB4PBP58Hw==
1810866655.json
www.file.io/page-data/sq/d/ 		2 KB
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 04:11:58 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
KRWWZE0TDPRT23V6
x-amz-cf-pop
FRA2-C1
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
age
70463
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
3-ybZUJIWrlRGnHgsGKY8umhbjxaX-qX0HURjk6BNnIvZw7oyR20Iw==
x-amz-id-2
VC2eBJty9CW5/QM/e1ebShJS4t0U3A9/9NoakVkr2eiviSNfL3iERp1Wo9PuO/ElqpqxAXAbR30=
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:09:02 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:46 GMT
server
AmazonS3
x-amz-request-id
W3XRACMSY7QT2C89
x-amz-cf-pop
FRA2-C1
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
age
225439
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
324864
x-amz-id-2
sSSvEVeGWnw7g7RUFP6xImOcCkbUsEPYe9N2/GzPM+Ki8UbN8r3w1aufQi9nenxqJwIhpSVIU/c=
x-amz-cf-id
O9k3VzhSPSKm_fAMJn44_I9Z2D791GCENvz7VK-6LHjylLQQRiA5XQ==
metadata
file.io/LD4HUmcyRMQo/ 		484 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://file.io/LD4HUmcyRMQo/metadata
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.226.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-226-104.compute-1.amazonaws.com
Software
/
Resource Hash
c7dd5d81b2a12deebfebb565d485ebb7b1743b91a015bcf14bd8bbdbff89e678

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:20 GMT
etag
W/"1e4-YBUHda5OuM3A4KCiKafhyT0MebU"
x-ratelimit-remaining
7
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
x-ratelimit-reset
2022-10-26T23:46:21.875Z
x-ratelimit-limit
1
access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
content-length
484
retry-after
1
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=742447929&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fbf7P%2Fdownload%2FLD4HUmcyRMQo&dp=%2Fbf7P%2Fdownload%2FLD4HUmcyRMQo&ul=en-us&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1375870013&gjid=1649602272&cid=878729718.1666827980&tid=UA-65658019-1&_gid=75530056.1666827980&_r=1&_slc=1&z=2023736693
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=878729718.1666827980&jid=1375870013&gjid=1649602272&_gid=75530056.1666827980&_u=aEBAAEAAAAAAACAAI~&z=2058984341
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 26 Oct 2022 23:46:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.file.io
URL: https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44aca1eae3e39ba997248990086d3869b5c11e0b9061db488cc214e12d77b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27374
x-xss-protection
0
server
sffe
etag
"1375 / 929 of 1000 / last-modified: 1666821924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 23:46:21 GMT
prebid7.18.0.js
www.file.io/scripts/ 		163 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/scripts/prebid7.18.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:10 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:45 GMT
server
AmazonS3
x-amz-request-id
48T0FY3STDN5MWBT
x-amz-cf-pop
FRA2-C1
etag
W/"c488e1001b33af7893c3558f28b0fac8"
age
225492
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
-YFsOPXOTzSVe7fhu_EMMtwUmmWtlWCwyDgt1PiKJpKf2mBJW-APaA==
x-amz-id-2
jnwnZcd/3jvZD0E7Tmkj6ZJ+9PRo2To6H8j2dqVdeA6aRlxJs4Y0ykD1oxUEA+Abedi2b3FbVl4=
ads-hodgepodge-ad-61589d581d2636ac2a38.js
www.file.io/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/ads-hodgepodge-ad-61589d581d2636ac2a38.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
870981ad8d93bcec8b2a487ee4efb161adf0241410ecec1fcb33c14a994555e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:07:32 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:38 GMT
server
AmazonS3
x-amz-request-id
YHPG4XEBXP3J7026
x-amz-cf-pop
FRA2-C1
etag
W/"8faee19bb807b3a2874fa928075b1226"
age
225530
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
_Q638lengVX3ARxgCG2k78iWfMmi6xqkrd99i9csGmE_tF8apyEerQ==
x-amz-id-2
vuNanSigU3fkikvrRjxZUFGmY2a0w09DJx6ygVmeVqrZH8fZc8KclvaXh9vpxKzJspPit/p8/DE=
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Oct 2023 23:06:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		65 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ff8085ad02fa11d476c2329de7ee3df744e70655075a378a95b6a1e1278083b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71
x-xss-protection
0
expires
Wed, 26 Oct 2022 23:46:21 GMT
hb.php
bid.glass/ad/ 		19 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.glass/ad/hb.php?src=prebid_prebid_7.18.0
Requested by
Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.20.35.44 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
bid.glass
Software
Apache /
Resource Hash
6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Oct 2022 23:46:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
pbjs
useast.quantumdex.io/auction/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 26 Oct 2022 23:46:21 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76071222a8385c85-FRA
access-control-allow-methods
POST, GET
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.file.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2936518832213161&correlator=1258689008881541&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=22175459031%2Cfileio-halfpage-gallery-1%2Cfileio-halfpage-gallery-2%2Cfileio-halfpage-gallery-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x600%2C300x600%2C300x600&ifi=1&adks=2093335146%2C3306312227%2C2065559030&sfv=1-0-38&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1666827981502&lmt=1666602342&dlt=1666827980044&idt=1164&adxs=393%2C806%2C1219&adys=328%2C328%2C328&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fbf7P%2Fdownload%2FLD4HUmcyRMQo&frm=20&vis=1&psz=413x600%7C413x600%7C413x600&msz=300x600%7C300x600%7C300x600&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=878729718.1666827980&ga_sid=1666827982&ga_hid=742447929&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8c8bae5eeec1e33063917f848eeff9b240630cc1b5d93a29529998c95e75d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
411
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04abeffb96f97bd13ab355781f2a812a83e5e116a72690d1a64dcb40358eeeca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11178
x-xss-protection
0
container.html
0a0c9666f77ea5887867ec1f4aafeac2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C942 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a0c9666f77ea5887867ec1f4aafeac2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 23:46:21 GMT
expires
Thu, 26 Oct 2023 23:46:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 23:46:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5EAE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 23:04:00 GMT
expires
Thu, 26 Oct 2023 23:04:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 35CC 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d546fa05459e7e9b0886ec5db3576f280d171d52eb27f128e993cc6a98b949b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0olsCF-rpr23mEpOjgkKag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-0olsCF-rpr23mEpOjgkKag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 23:46:21 GMT
expires
Wed, 26 Oct 2022 23:46:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
pagead2.googlesyndication.com/bg/ Frame 5EAE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16118
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 18:00:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 35CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=2936518832213161&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5EAE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?v1XaDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=2936518832213161&bg=!9vWl9bHNAAZPh4lnb4c7ACkAdvg8WiG1vIxY2nNDvsPrahJmT6E_bGvYjhOn942IlsBkbyicesEkrAIAAABNUgAAAARoAQeZAqceVn45TpqjVrXXZBBBa_snPDI4iv8wmpiACu914UKY4eZnJ3RGy4Ow4q5XmDzP1uJ-0atnua-fiYlzGXu7u_eLo73N8N4mM-81ATrT9d6Xvg5ltIimfxJZ4ll9kddKNoq0qUiN7UHPOPJUQ_NSGY0zKmoBnh2rIwldNxAVAmfDEILVl7jnDevNvop1GO-jK-ZHL_d0Uz5BWRgvV3ZNMqNp45YvcE31vztRRqO4VtyXdI_uMCBKQYT1HVmbg_TkTZQ55_4dJVfi2qCwY2B93AT4A7s26raHv-n_pD6rRd6f79OBg5bk3IPnobbjoheSRASf0VIBS4QGmVR2h9OwfOlNYv-FlOh787ahHjuZO4Mlua_JFCdezUwsSGOaZ9MuoPzJB_D-JnXs_nkVFil8w6h4H8DZ64HKxkXYZCKcv4QyqTQHmHWLZZucXhq4Ty5jxyaX4evV4ASnfyYZ7LP7YC472Mo76rov0oQxV1Fv3ecgePUaJD_ZhsCOou7HQEvDJqvpskG7o7hvFhpye0dC9-DjihvnWgtKGy5N6zQpsDxZ_gYp3nmKk5SA0u-Ieq4gTi345x6TkRkGO9KaCTArLpD6VZL2I1rpbDgKMpqD0mozZqOMA7-5GrKoIUoCp-i2Nvru6Frcskxd1_upoTZ0-koM-2NHkWqsQoT8dI461pgKoVs6LmDqjl33Gt95-JtfAFlBssWvhycDDcYNEnT7zHLSGOgiJ_XasFi50Cp7aaHptA-nTq5CQgJriT4uvHLLAWFmuYosuwUjmRXcgGti5rWLXkxAFJO6B-WJheNeoaeR8hVfaUaXdFaPcWQ5z7koD2P9b7_o6so1j_eFY9JedlwCWEkxqM_FrUoR4_3_puwfXpvEqc1bGhyib-p8RLSz4201ubDgk629
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
page-data.json
www.file.io/page-data/about/ 		0
613 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9J9D5YHVYVCVJPW
x-amz-cf-pop
FRA2-C1
etag
"cfb91ae7cd0473e276a9361907a683fc"
age
53394
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
147
x-amz-id-2
KSh/lgmJotrOtP5/L+3OG41Tm0i4SnWIvLKO99Rfq7U9DAYG6Z1+sy/+5LKbCiVET35HBccsWtc=
x-amz-cf-id
TWwfdVneJomqNiiHEcZ3guO0U3dQatwwCncfuYI6wqOBFwvcTMwRtA==
page-data.json
www.file.io/page-data/plans/ 		0
607 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JETX9DX1FCJDHP
x-amz-cf-pop
FRA2-C1
etag
"1022652c2bef86b84cb16cd11c50b2ca"
age
53393
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
141
x-amz-id-2
5FWnQzJKdaZjAs3gesviENfnq6EFDOUA0Ds+MFod12FxfhtQG69QGvNbQlukP8Fhnd2ghdZeRk8=
x-amz-cf-id
oOjrnxGQ_7frUxOESgzBqk4DUriv2ulhEVQMqGZjTTWNCRjqLSR1iA==
page-data.json
www.file.io/page-data/login/ 		0
602 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JFHZYBE7G934TD
x-amz-cf-pop
FRA2-C1
etag
"4f561e1f747160f0e60849c13facafec"
age
53394
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
135
x-amz-id-2
8f+60HMSfNwvJw7kT6UzFRiJG2q4ELPRLybJ2AID558VcubH9zQWd/OHM+9CUmnucpmXeocGto4=
x-amz-cf-id
6HzUnWVQHgrMZKQIXmQ0vfnh06kex0rAxprkhXLYeE8msNYLfCRR_w==
page-data.json
www.file.io/page-data/signup/ 		0
603 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:12:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
2JYDKBXPAENJRG2P
x-amz-cf-pop
FRA2-C1
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
age
30834
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
137
x-amz-id-2
ylJlqxVtqc7QxHAdfHxZFG0B1+6eH/aCac09kFwdQHtp6cwlSI49I/uJCcu1DgYRb2pr5ALVbFI=
x-amz-cf-id
K04UWRfm5J_rofg9yZFmve6xwTRR-JmJGyDiqldsrH0XvZ0l4E_46Q==
page-data.json
www.file.io/page-data/plans/ 		141 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JETX9DX1FCJDHP
x-amz-cf-pop
FRA2-C1
etag
"1022652c2bef86b84cb16cd11c50b2ca"
age
53393
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
141
x-amz-id-2
5FWnQzJKdaZjAs3gesviENfnq6EFDOUA0Ds+MFod12FxfhtQG69QGvNbQlukP8Fhnd2ghdZeRk8=
x-amz-cf-id
KX8d8e-Rfa1OM6R_o9SMlZiCVxRHg-lVAcrAgCN78-ei0pYJhixElQ==
page-data.json
www.file.io/page-data/signup/ 		137 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:12:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
2JYDKBXPAENJRG2P
x-amz-cf-pop
FRA2-C1
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
age
30834
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
137
x-amz-id-2
ylJlqxVtqc7QxHAdfHxZFG0B1+6eH/aCac09kFwdQHtp6cwlSI49I/uJCcu1DgYRb2pr5ALVbFI=
x-amz-cf-id
txPXSvLhbd21y34mT3Hghh32KBRDAFLwUKbmmH0Qb4vgZgnWuG5aVg==
page-data.json
www.file.io/page-data/login/ 		135 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JFHZYBE7G934TD
x-amz-cf-pop
FRA2-C1
etag
"4f561e1f747160f0e60849c13facafec"
age
53394
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
135
x-amz-id-2
8f+60HMSfNwvJw7kT6UzFRiJG2q4ELPRLybJ2AID558VcubH9zQWd/OHM+9CUmnucpmXeocGto4=
x-amz-cf-id
-7_axrHHxylaSdo-qDBte0YSNH5jJF7ukeLbafPw8kyOAjCs04fneQ==
component---src-pages-signup-js-1a83f5fd1238ade6fa23.js
www.file.io/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-signup-js-1a83f5fd1238ade6fa23.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:15 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
x-amz-request-id
B7RBSF5MRZCDY1HQ
x-amz-cf-pop
FRA2-C1
etag
W/"095f55f0ba100895ad857054e6e6b681"
age
225489
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
CIDAIAJp-ORXMRnksUBlBikJ9i2X4fQaQ8XBGvgFJC60ca6j5EtFWQ==
x-amz-id-2
RH8kvY01kCV8Ls4t5OiglMqKDBWGxen+vK7RSB5lQhuQHWXFGWxAqt8GWeCjaAJVYyrualRTXcs=
component---src-pages-login-js-8b4ef13d8d99765162da.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-login-js-8b4ef13d8d99765162da.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:15 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:41 GMT
server
AmazonS3
x-amz-request-id
B7R1SJGZTRXMPQZX
x-amz-cf-pop
FRA2-C1
etag
W/"42d35658c40d04d6d2845a41aded67f8"
age
225489
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
XGMw9Gg78zfd_IAUydLnE_3Zi531PuK_LhifQWkhedmbv0PFU-6TmA==
x-amz-id-2
+5abAOeyBkZnZRrQ+EvIMb02ALT/cm4+O6c6tudEYBdHnXW5BHzFN0wUvZj7z1gGQqGJeBjdOTE=
component---src-pages-plans-index-js-96d405d5fd543f9313a9.js
www.file.io/ 		0
942 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-plans-index-js-96d405d5fd543f9313a9.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:09:59 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:41 GMT
server
AmazonS3
x-amz-request-id
RM65436RZYTKGM53
x-amz-cf-pop
FRA2-C1
etag
"8139bb6ed64141936a03214f930ef478"
age
225385
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
473
x-amz-id-2
QiTR0QXWm/mCtV+if8INBihD7+Qz1UqII0v8L9usJ7GJ7c49SqxQmekXZ6MX/he/9mYkfbwN+5I=
x-amz-cf-id
tJS0ypgtv6GILjwCHhRjlXfmYANnIAy7woqRYkb5p9lM4cpERyK3_w==
page-data.json
www.file.io/page-data/about/ 		147 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9J9D5YHVYVCVJPW
x-amz-cf-pop
FRA2-C1
etag
"cfb91ae7cd0473e276a9361907a683fc"
age
53394
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
147
x-amz-id-2
KSh/lgmJotrOtP5/L+3OG41Tm0i4SnWIvLKO99Rfq7U9DAYG6Z1+sy/+5LKbCiVET35HBccsWtc=
x-amz-cf-id
V_cuR4muIXwY_rcBnRZ_JKDxe9ijV0iL-v9K2rNJHVE9vKhDyiPNSw==
component---src-pages-about-js-84374eec6d3399a16108.js
www.file.io/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-about-js-84374eec6d3399a16108.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/bf7P/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 04:23:09 GMT
content-encoding
br
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:39 GMT
server
AmazonS3
x-amz-request-id
E5BPFTGEKQTEG3QS
x-amz-cf-pop
FRA2-C1
etag
W/"d57f30a1cae8ec119e561c026feb5e75"
age
69795
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
7lY9U114M2hzocrM6k9wfb05sT8Mt8KiY4WsgrRPsiX6cx4idSZscQ==
x-amz-id-2
YsGK8j6hZjyRDWR4vfDHLIlk7EpMwg/q/e5/KowQoXUL53+9NyFPGfmsxxrjS2poOt1r3vNoJ4E=
pbjs
sync.quantumdex.io/usersync/ Frame 9485 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f9d739f074d91e2ffba3a007ca87ff10cf1017fa86c4ab4b19e2bc0e39cda4

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
760712371ffa5c85-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 26 Oct 2022 23:46:24 GMT
server
cloudflare
setuid
sync.quantumdex.io/ Frame 9485
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2405595269968055214
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2405595269968055214
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
760712393a4b5c85-FRA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:46:24 GMT
AN-X-Request-Uuid
5eef6dde-d94e-4c82-9900-f5e5a4f3b5f8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2405595269968055214
Connection
keep-alive
X-Proxy-Origin
217.64.151.31; 217.64.151.31; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame 9485 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 26 Oct 2022 23:46:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 9485
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
760712392a255c85-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 26 Oct 2022 23:46:24 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 23:46:24 GMT
setuid
sync.quantumdex.io/ Frame 9485
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-o9t9yO9E2uHmmfan1W5UfNNjpyyupY3q7PrdWfs-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-o9t9yO9E2uHmmfan1W5UfNNjpyyupY3q7PrdWfs-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
760712393a415c85-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-o9t9yO9E2uHmmfan1W5UfNNjpyyupY3q7PrdWfs-~A
date
Wed, 26 Oct 2022 23:46:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 9485 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
cache-control
no-cache, must-revalidate
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
MYGcv_u_MXuwk25WzLu4TiJIPqv_V_78arkqiax6tav_omNbmZlCFg==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 9485
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=55e5203a-09ed-542c-b39d-cb19d0c40dc8
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=55e5203a-09ed-542c-b39d-cb19d0c40dc8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7607123c5dd75c85-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=55e5203a-09ed-542c-b39d-cb19d0c40dc8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 9485
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZGJjY2IqYGh0dHBzOi8vc3lu...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZGJjY2IqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTM0NjljNjk2LWMyODEtM...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZG...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=771d947f-f997-4448-b280-3b29f11ef5c8&r=Cid1YS0zNDY5YzY5Ni1jMjgxLTNhOWQtYTc1Ni1jMDgyMjU4ZGJjY2IqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZX...
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3469c696-c281-3a9d-a756-c082258dbccb
0
0
v1
match.sharethrough.com/FGMrCMMc/ Frame 9485 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
pixel
ap.lijit.com/ Frame 9485 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 26 Oct 2022 23:46:24 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
pbsync
usermatch.targeting.unrulymedia.com/ Frame EC59 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 94A9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57cdd407c85d3f69dcd639df4421ba5dd8a885841074177d47ffa3483d00f22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
760712393969994e-FRA
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 23:46:24 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76071238ee8e9c12-FRA
content-length
0
date
Wed, 26 Oct 2022 23:46:24 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 573C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37261
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 23:46:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 27 Oct 2022 10:07:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1D02
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Oct 2022 23:46:24 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 26 Oct 2022 23:46:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 9F53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
PugMaster
image6.pubmatic.com/AdServer/ Frame 573C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29380581&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
c494e8ebd67356deb2cf11784857fe59c2ba1c7caf87b5e3c12d9d84bb9556d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 23:46:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/ Frame 94A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMAIL8qFV18sdc2ZbqXKUwA&google_cver=1
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMAIL8qFV18sdc2ZbqXKUwA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76071239fa3e994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMAIL8qFV18sdc2ZbqXKUwA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 94A9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 23:46:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 94A9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:46:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W4MAJY00P96QXJ554D8W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:46:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RE6YMB883NTS9J53H5ZE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 94A9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1nG0HFRb6GU5XhTDJWuwgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELD7_ofpqgCMsNWzs-JGZQ0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELD7_ofpqgCMsNWzs-JGZQ0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:46:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELD7_ofpqgCMsNWzs-JGZQ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
csync.loopme.me/ Frame 94A9 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.174.31 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
31.174.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
server
_
crum
dsum-sec.casalemedia.com/ Frame 94A9
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:46:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Wed, 26 Oct 2022 23:46:24 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 94A9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=60296359-c6d1-4400-93bc-36e3407ad03f
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=60296359-c6d1-4400-93bc-36e3407ad03f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:46:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 26 Oct 2022 23:46:25 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=60296359-c6d1-4400-93bc-36e3407ad03f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Oct 2022 23:46:24 GMT
ix
ad4m.at/ad/sim/ Frame 94A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame 94A9 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Y1nG0HFRb6GU5XhTDJWuwgAABJoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
760712397a945c85-FRA
content-length
43
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 8797
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D45E9264-993A-4E94-B856-DD144FE9F843
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D45E9264-993A-4E94-B856-DD144FE9F843
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D45E9264-993A-4E94-B856-DD144FE9F843
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 26 Oct 2022 23:46:25 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 26 Oct 2022 23:46:24 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D45E9264-993A-4E94-B856-DD144FE9F843
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7821
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9158942738723639914
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9158942738723639914
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:46:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9158942738723639914
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D2EC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d8976359-c6d1-4b00-9ae5-014a34cbe9c0&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d8976359-c6d1-4b00-9ae5-014a34cbe9c0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:46:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 26 Oct 2022 23:46:25 GMT
Expires
Wed, 26 Oct 2022 23:46:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x21 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d8976359-c6d1-4b00-9ae5-014a34cbe9c0&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame BA09 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::22 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 23:46:24 GMT
expires
Wed, 26 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
563005
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 39DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2405595269968055214&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2405595269968055214&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:46:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
17606865-5499-40cb-96a2-9f3a757e6f41
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Oct 2022 23:46:24 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2405595269968055214&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.64.151.31; 217.64.151.31; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame F792
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D45E9264-993A-4E94-B856-DD144FE9F843&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D45E9264-993A-4E94-B856-DD144FE9F843&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D45E9264-993A-4E94-B856-DD144FE9F843&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 26 Oct 2022 23:46:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PQ700YFEZE2XB3PWX3AS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 26 Oct 2022 23:46:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D45E9264-993A-4E94-B856-DD144FE9F843&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MA1X7GXDY462RNQ2248G
setuid
sync.quantumdex.io/ Frame 3312 		43 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=D45E9264-993A-4E94-B856-DD144FE9F843
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
76071239aaba5c85-FRA
content-length
43
content-type
image/gif
date
Wed, 26 Oct 2022 23:46:25 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 573C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1F6SZJk6TpS4Vt0UT-n4Qw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=37261
accept-ranges
bytes
content-length
5549
expires
Thu, 27 Oct 2022 10:07:25 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 573C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2cfa6359-c6d1-4500-b093-212c26b0d0c6
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2cfa6359-c6d1-4500-b093-212c26b0d0c6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 26 Oct 2022 23:46:25 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2cfa6359-c6d1-4500-b093-212c26b0d0c6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Oct 2022 23:46:24 GMT
generic
match.adsrvr.org/track/cmf/ Frame 573C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=D45E9264-993A-4E94-B856-DD144FE9F843
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 23:46:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 573C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDQ1RTkyNjQtOTkzQS00RTk0LUI4NTYtREQxNDRGRTlGODQz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:46:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 573C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7HYfYFBLZ5zGazyVFH98s&google_cver=1
42 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7HYfYFBLZ5zGazyVFH98s&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:46:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7HYfYFBLZ5zGazyVFH98s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 573C 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:46:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 25 Oct 2022 23:46:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 573C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=913337912603029109
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=913337912603029109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:46:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=913337912603029109
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 573C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 23:46:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.js
eus.rubiconproject.com/ Frame 1D02 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 23:46:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72780
Connection
keep-alive
Content-Length
9454
Expires
Thu, 27 Oct 2022 19:59:24 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1D02 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1D02 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.quantumdex.io
URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-3469c696-c281-3a9d-a756-c082258dbccb

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| googletag object| ggeac object| google_js_reporting_queue object| pbjsChunk object| pbjs object| _pbjsGlobals undefined| google_measure_js_timing object| slots object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

45 Cookies

Domain/Path Name / Value
.file.io/ Name: _ga
Value: GA1.2.878729718.1666827980
.file.io/ Name: _gid
Value: GA1.2.75530056.1666827980
.file.io/ Name: _gat
Value: 1
.quantumdex.io/ Name: uid
Value: 407e06b3-3ebf-4985-a479-4e126bfb1a64
.file.io/ Name: __gads
Value: ID=f82e49fde9ce8281-222ba98e5ace0034:T=1666827981:S=ALNI_MbRjtsdHTSSYcoK0IJ29HQaJwULoQ
.file.io/ Name: __gpi
Value: UID=00000b78aa6d02ae:T=1666827981:RT=1666827981:S=ALNI_Mau1sOw_XEXiOnHDRiDgKslQtCapA
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.yahoo.com/ Name: A3
Value: d=AQABBNDGWWMCEC5qNCR4JeRnd9DS9b63-44FEgEBAQEYW2NjYwAAAAAA_eMAAA&S=AQAAAsqsj7mwEU3LSrTkRKzSXpU
.adnxs.com/ Name: uuid2
Value: 2405595269968055214
.casalemedia.com/ Name: CMID
Value: Y1nG0HFRb6GU5XhTDJWuwgAA
.casalemedia.com/ Name: CMPS
Value: 1178
.casalemedia.com/ Name: CMPRO
Value: 1178
.ads.pubmatic.com/ Name: KCCH
Value: YES
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.analytics.yahoo.com/ Name: IDSYNC
Value: 192w~27xz
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D45E9264-993A-4E94-B856-DD144FE9F843
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1666828800%3A174%7C1667952000%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1668038400%3A35%7C1667952000%3A13_54_3_251_220_21_161_7_56
.doubleclick.net/ Name: IDE
Value: AHWqTUnp18jrZu1AFBig3UJV7yZXljddMoNVwfvdD789o9GOyI_yuEcuXxuknV5RYEw
.casalemedia.com/ Name: CMTS
Value: 3264
.simpli.fi/ Name: suid
Value: 243B7EF49C0D4F8F91CDCFC5E169E1E8
.onaudience.com/ Name: cookie
Value: 19adb095523d282d
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.9158942738723639914
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2405595269968055214&KRTB&23339-2405595269968055214
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESED7HYfYFBLZ5zGazyVFH98s&KRTB&16514-CAESED7HYfYFBLZ5zGazyVFH98s&KRTB&23025-CAESED7HYfYFBLZ5zGazyVFH98s&KRTB&23386-CAESED7HYfYFBLZ5zGazyVFH98s
.adform.net/ Name: uid
Value: 913337912603029109
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-913337912603029109&KRTB&23263-913337912603029109
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9158942738723639914
.pubmatic.com/ Name: PugT
Value: 1666827983
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: 55e5203a-09ed-542c-b39d-cb19d0c40dc8
.betweendigital.com/ Name: ss
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3469c696-c281-3a9d-a756-c082258dbccb
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.betweendigital.com/ Name: ut
Value: Y1nG0QADikBemBqxb-_WX9nxUwk0egORsDtnlQ==
.amazon-adsystem.com/ Name: ad-id
Value: A5wEH7M2D0UtnKiPoMsPgsc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a0c9666f77ea5887867ec1f4aafeac2.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
bid.glass
c1.adform.net
cm.g.doubleclick.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
file.io
hbx.media.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
s.ad.smaato.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.adotmob.com
sync.mathtag.com
sync.quantumdex.io
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
sync.quantumdex.io
103.229.205.243
104.18.18.126
13.224.189.94
141.94.171.215
141.95.33.111
142.250.185.162
18.158.86.133
185.183.112.148
185.64.189.110
185.80.39.216
185.89.210.20
198.47.127.19
198.47.127.20
203.195.121.141
213.155.156.164
213.19.147.45
216.52.2.39
23.205.235.133
23.35.236.201
2600:9000:20eb:1400:1b:5138:8a40:93a1
2606:4700:10::6816:2560
2606:4700:20::681a:bd1
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9a
2a02:2638::22
3.126.56.137
3.33.220.150
34.233.226.104
35.204.74.118
35.214.174.31
37.157.6.252
51.89.9.251
52.46.143.56
52.94.223.37
64.20.35.44
69.173.144.139
69.173.151.100
95.101.200.23
96.16.141.156
04abeffb96f97bd13ab355781f2a812a83e5e116a72690d1a64dcb40358eeeca
10dcaaf69bd430ace51c25e2c8a0d676faaedf2bce0acabaa1def47c7bcc0ad3
15a6c1f335e08bfbef5ddca3572088dfa897eaa5a7c020885e33a73e769e2833
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
27b75a7887b7fd3716f7abff1ede95e77201eab7cbb4cc167d250c2082a56871
280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd
2c6c40892eeac45630835e71ea88a7bee39454223bc54fdeae25ed642cb11a6f
3176130038be20ee8b06cd5fe0581a5af3cc00ad74fbe357bf912dbf597e354c
3bfbb8f42b3e79f5e8093d4459dbc75d1c9cb481c5c13c31b34ffc1890f0b787
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59bf619f845b59cb0bc97aa5f41941975609d290501243e71716c429c817f560
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3
5ff8085ad02fa11d476c2329de7ee3df744e70655075a378a95b6a1e1278083b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d546fa05459e7e9b0886ec5db3576f280d171d52eb27f128e993cc6a98b949b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
870981ad8d93bcec8b2a487ee4efb161adf0241410ecec1fcb33c14a994555e8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
94a057fa3a8cb5ddac308191c23926e496ed8874cc71e6640806a09760e6732a
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b44aca1eae3e39ba997248990086d3869b5c11e0b9061db488cc214e12d77b78
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c494e8ebd67356deb2cf11784857fe59c2ba1c7caf87b5e3c12d9d84bb9556d2
c57cdd407c85d3f69dcd639df4421ba5dd8a885841074177d47ffa3483d00f22
c7dd5d81b2a12deebfebb565d485ebb7b1743b91a015bcf14bd8bbdbff89e678
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c8bae5eeec1e33063917f848eeff9b240630cc1b5d93a29529998c95e75d56
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f9d739f074d91e2ffba3a007ca87ff10cf1017fa86c4ab4b19e2bc0e39cda4
fb26ba7d6c1e90849f333847be322f55b4de508d294467d7c8a7f1cd70d366f0
fdf482b1595dea6b2f3db2b253bca64e053aabbdf23a0b2fb5cc40d9e0c745ed