urlscan.io logo urlscan.io
SecurityTrails logo

www.file.io Open in urlscan Pro
13.33.88.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://file.io/0hpSPhnEIKmH
Effective URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Submission: On February 28 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 11 countries across 86 domains to perform 362 HTTP transactions. The main IP is 13.33.88.30, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 25th 2023. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.197.10.85 14618 (AMAZON-AES)
39 13.33.88.30 16509 (AMAZON-02)
2 138.199.46.68 60068 (CDN77 ^_^)
2 172.253.118.100 15169 (GOOGLE)
1 172.67.36.131 13335 (CLOUDFLAR...)
1 142.251.10.154 15169 (GOOGLE)
1 4 87.250.251.119 208722 (GLOBAL_DC)
1 172.67.69.19 13335 (CLOUDFLAR...)
1 18.155.70.99 16509 (AMAZON-02)
17 74.125.24.155 15169 (GOOGLE)
2 104.26.8.169 13335 (CLOUDFLAR...)
3 12 104.254.148.251 29990 (ASN-APPNEX)
2 54.254.189.210 16509 (AMAZON-02)
3 185.86.138.16 201081 (SMARTADSE...)
5 103.231.98.193 62713 (AS-PUBMATIC)
3 9 145.40.88.5 54825 (PACKET)
16 13.250.192.86 16509 (AMAZON-02)
2 72.34.250.78 27630 (AS-XFERNET)
1 52.43.45.49 16509 (AMAZON-02)
2 54.179.251.78 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
11 69.16.175.10 20446 (STACKPATH...)
2 172.217.194.157 15169 (GOOGLE)
2 172.217.194.156 15169 (GOOGLE)
1 74.125.24.154 15169 (GOOGLE)
3 142.251.10.132 15169 (GOOGLE)
1 23.55.56.245 20940 (AKAMAI-ASN1)
7 18.205.57.11 14618 (AMAZON-AES)
9 74.125.24.132 15169 (GOOGLE)
3 172.217.194.103 15169 (GOOGLE)
3 54.146.146.97 14618 (AMAZON-AES)
18 96.17.188.24 16625 (AKAMAI-AS)
2 42.99.140.216 4637 (ASN-TELST...)
9 184.51.136.24 16625 (AKAMAI-AS)
2 172.253.118.155 15169 (GOOGLE)
1 52.51.38.237 16509 (AMAZON-02)
1 52.206.131.34 14618 (AMAZON-AES)
2 182.161.73.136 55569 (CRITEO-AS...)
1 2 35.244.193.51 15169 (GOOGLE)
4 141.95.98.64 16276 (OVH)
13 14 15.197.193.217 16509 (AMAZON-02)
7 20 35.71.178.8 16509 (AMAZON-02)
3 184.51.240.199 16625 (AKAMAI-AS)
5 184.51.240.213 16625 (AKAMAI-AS)
4 8 52.46.151.131 16509 (AMAZON-02)
1 67.199.150.82 62713 (AS-PUBMATIC)
2 2 103.229.206.240 30419 (MEDIAMATH...)
7 72.34.250.75 27630 (AS-XFERNET)
5 5 52.74.162.2 16509 (AMAZON-02)
1 1 198.8.71.130 54312 (ROCKETFUEL)
1 37.157.3.30 198622 (ADFORM)
2 2 74.214.196.131 19189 (PULSEPOINT)
15 31 74.125.68.154 15169 (GOOGLE)
6 9 69.173.158.64 26667 (RUBICONPR...)
12 15 35.213.12.39 15169 (GOOGLE)
1 4 13.107.42.14 8068 (MICROSOFT...)
1 1 23.108.103.8 59253 (LEASEWEB-...)
3 4 18.140.118.83 16509 (AMAZON-02)
2 204.79.197.200 8068 (MICROSOFT...)
4 103.231.98.196 62713 (AS-PUBMATIC)
1 4 104.18.25.173 13335 (CLOUDFLAR...)
2 2 52.87.37.104 14618 (AMAZON-AES)
4 4 174.137.133.49 27257 (WEBAIR-IN...)
1 133.186.161.88 45974 (NHN-AS-KR...)
1 1 54.178.92.55 16509 (AMAZON-02)
1 2 139.99.49.250 16276 (OVH)
5 5 35.214.223.115 15169 (GOOGLE)
9 54.147.104.157 14618 (AMAZON-AES)
1 5 23.106.127.53 59253 (LEASEWEB-...)
1 2 23.211.140.123 20940 (AKAMAI-ASN1)
12 13 145.40.73.5 54825 (PACKET)
3 3 50.116.239.135 6336 (TURN-US-ASN)
1 150.136.26.45 31898 (ORACLE-BM...)
2 3 209.191.163.208 14744 (INTERNAP-...)
1 1 23.41.65.80 16625 (AKAMAI-AS)
4 23.75.85.227 16625 (AKAMAI-AS)
2 2 35.244.159.8 15169 (GOOGLE)
1 3.214.171.223 14618 (AMAZON-AES)
2 18.136.225.91 16509 (AMAZON-02)
4 4 89.207.22.140 41041 (VCLK-EU-SE)
1 1 34.192.34.224 14618 (AMAZON-AES)
1 1 54.150.124.224 16509 (AMAZON-02)
1 202.233.84.1 131957 (MICROAD M...)
1 2 18.141.61.240 16509 (AMAZON-02)
2 162.19.138.120 16276 (OVH)
3 4 185.84.60.21 198622 (ADFORM)
21 67.199.150.86 3257 (GTT-BACKB...)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 103.229.10.192 16509 (AMAZON-02)
7 103.231.98.194 62713 (AS-PUBMATIC)
1 182.161.73.146 55569 (CRITEO-AS...)
1 1 172.104.45.159 63949 (AKAMAI-AP...)
1 220.150.223.50 4686 (BEKKOAME ...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 1 50.57.31.206 19994 (RACKSPACE)
1 2 119.9.108.180 45187 (RACKSPACE...)
3 3 35.230.38.116 396982 (GOOGLE-CL...)
4 103.231.98.195 62713 (AS-PUBMATIC)
2 2 52.193.212.189 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 104.254.151.69 29990 (ASN-APPNEX)
3 52.77.152.198 16509 (AMAZON-02)
2 18.179.72.97 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 80.77.87.161 46636 (NATCOWEB)
2 2 23.106.69.72 59253 (LEASEWEB-...)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 67.220.226.234 16509 (AMAZON-02)
2 2 52.220.229.2 16509 (AMAZON-02)
2 175.41.222.83 16509 (AMAZON-02)
2 4 35.186.193.173 15169 (GOOGLE)
4 4 13.215.220.77 16509 (AMAZON-02)
4 4 13.250.207.233 16509 (AMAZON-02)
2 195.5.165.20 44968 (IPROM-AS)
2 169.197.150.7 398989 (DEEPINTENT)
2 4 13.215.75.8 16509 (AMAZON-02)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
2 145.40.73.4 54825 (PACKET)
362 91
2    34.197.10.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-10-85.compute-1.amazonaws.com
file.io
39    13.33.88.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-30.sin2.r.cloudfront.net
www.file.io
2    138.199.46.68 (Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-46-68.bunnyinfra.net
hb.vntsm.com
2    172.253.118.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f100.1e100.net
www.google-analytics.com
1    172.67.36.131 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
stats.g.doubleclick.net
4    87.250.251.119 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
PTR: mc.yandex.ru
mc.yandex.ru
1    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    18.155.70.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-70-99.sin52.r.cloudfront.net
d1oykxszdrgjgl.cloudfront.net
17    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2    104.26.8.169 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
12    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    54.254.189.210 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-189-210.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
3    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
5    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
16    13.250.192.86 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
web.ssp.yahoo.com
c2shb.pubgw.yahoo.com
2    72.34.250.78 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    52.43.45.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-45-49.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
2    54.179.251.78 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-251-78.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
11    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
tg1.aniview.com
player.avplayer.com
content1.avplayer.com
player.aniview.com
2    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
adservice.google.com.au
2    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
adservice.google.com
1    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
pagead2.googlesyndication.com
3    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
1    23.55.56.245 (Osaka, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-56-245.deploy.static.akamaitechnologies.com
feed.avplayer.com
7    18.205.57.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-57-11.compute-1.amazonaws.com
track1.aniview.com
9    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
3    172.217.194.103 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f103.1e100.net
www.google.com
3    54.146.146.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-146-97.compute-1.amazonaws.com
track1.avplayer.com
18    96.17.188.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
2    42.99.140.216 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-216.pacnet.net
qsearch-a.akamaihd.net
9    184.51.136.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-136-24.deploy.static.akamaitechnologies.com
contextual.media.net
2    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
www.googletagservices.com
1    52.51.38.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-38-237.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
1    52.206.131.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-131-34.compute-1.amazonaws.com
go1.aniview.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
14    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
20    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    184.51.240.199 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-199.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    184.51.240.213 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    67.199.150.82 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
5    52.74.162.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
31    74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net
cm.g.doubleclick.net
9    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
15    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    23.108.103.8 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
4    18.140.118.83 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-118-83.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
4    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    52.87.37.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-37-104.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
1    133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHN, KR)
app.cauly.co.kr
1    54.178.92.55 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-92-55.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    139.99.49.250 (Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
5    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
9    54.147.104.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-104-157.compute-1.amazonaws.com
sync.aniview.com
5    23.106.127.53 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2    23.211.140.123 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-211-140-123.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
13    145.40.73.5 (Queenstown Estate, Singapore)

ASN54825 (PACKET, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
1    23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    3.214.171.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-171-223.compute-1.amazonaws.com
s2s.aniview.com
2    18.136.225.91 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-225-91.ap-southeast-1.compute.amazonaws.com
optimized-by.rubiconproject.com
4    89.207.22.140 (Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin03-nessy-float2.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
1    34.192.34.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-34-224.compute-1.amazonaws.com
fksnk.com
1    54.150.124.224 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-124-224.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
2    18.141.61.240 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-61-240.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
21    67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
7    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    172.104.45.159 (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1625-159.members.linode.com
gocm.c.appier.net
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipapac.semasio.net
3    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
4    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    52.193.212.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-212-189.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
3    52.77.152.198 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    18.179.72.97 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-72-97.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    23.106.69.72 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
2    175.41.222.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-222-83.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
4    13.215.220.77 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-220-77.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
4    13.250.207.233 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    13.215.75.8 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-75-8.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    145.40.73.4 (Queenstown Estate, Singapore)

ASN54825 (PACKET, US)
targeting.unrulymedia.com
Apex Domain
Subdomains		 Transfer
47 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 447
ads.pubmatic.com — Cisco Umbrella Rank: 457
image8.pubmatic.com — Cisco Umbrella Rank: 623
image6.pubmatic.com — Cisco Umbrella Rank: 725
simage2.pubmatic.com — Cisco Umbrella Rank: 668
image2.pubmatic.com — Cisco Umbrella Rank: 846
image4.pubmatic.com — Cisco Umbrella Rank: 938
simage4.pubmatic.com — Cisco Umbrella Rank: 1156
44 KB
42 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
207 KB
41 file.io
file.io — Cisco Umbrella Rank: 402040
www.file.io
940 KB
28 media.net
hblg.media.net — Cisco Umbrella Rank: 1799
contextual.media.net — Cisco Umbrella Rank: 563
warp.media.net — Cisco Umbrella Rank: 2437
lg3.media.net — Cisco Umbrella Rank: 4898
cs.media.net — Cisco Umbrella Rank: 1359
prebid.media.net — Cisco Umbrella Rank: 1219
330 KB
28 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1149
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
web.ssp.yahoo.com — Cisco Umbrella Rank: 2607
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 834
8 KB
25 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 11976
track1.aniview.com — Cisco Umbrella Rank: 1892
player.aniview.com — Cisco Umbrella Rank: 1963
go1.aniview.com — Cisco Umbrella Rank: 5817
sync.aniview.com — Cisco Umbrella Rank: 2346
s2s.aniview.com — Cisco Umbrella Rank: 2879
286 KB
22 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 498
eb2.3lift.com — Cisco Umbrella Rank: 338
10 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
80 KB
19 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 844
eus.rubiconproject.com — Cisco Umbrella Rank: 533
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4681
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 917
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1064
token.rubiconproject.com — Cisco Umbrella Rank: 541
30 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 542
secure.adnxs.com — Cisco Umbrella Rank: 377
64 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
8 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
8 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 510
5 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 267
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940
4 KB
9 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1494
sync.go.sonobi.com — Cisco Umbrella Rank: 819
11 KB
9 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 918
3 KB
8 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 21268
player.avplayer.com — Cisco Umbrella Rank: 13818
track1.avplayer.com — Cisco Umbrella Rank: 15984
content1.avplayer.com — Cisco Umbrella Rank: 22143
193 KB
8 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1643
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571
9 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 424
2 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957
targeting.unrulymedia.com — Cisco Umbrella Rank: 772
2 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 879
1 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1244
c1.adform.net — Cisco Umbrella Rank: 590
2 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 759
1 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1252
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 726
3 KB
4 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4937
1 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2856
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2777
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 741
s.tribalfusion.com — Cisco Umbrella Rank: 1813
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
2 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 404
3 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3674
75 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
2 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1141
uipapac.semasio.net — Cisco Umbrella Rank: 118218
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 589
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
1 KB
3 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 342
899 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 378
dis.criteo.com — Cisco Umbrella Rank: 686
1011 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 830
83 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5210
563 B
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19944
440 B
2 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2481
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1449
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4555
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 708
881 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 995
796 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
635 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6288
964 B
2 openx.net
u.openx.net — Cisco Umbrella Rank: 621
744 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 624
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
489 B
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4045
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 644
1 KB
2 bing.com
c.bing.com — Cisco Umbrella Rank: 237
953 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 555
2 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
1 KB
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1506
573 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
97 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1833
2 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 109206
696 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1292
104 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 663
735 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1886
25 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 28554
331 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 972
199 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3387
464 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4313
391 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2768
243 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1988
395 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 654
593 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24704
650 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 4745
641 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 68168
584 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4264
611 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1247
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5325
416 B
1 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 61788
161 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2186
586 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 770
736 B
1 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 27615
162 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3447
696 B
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
43 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 902
927 B
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 31803
676 B
0 everesttech.net Failed
sync-tm.everesttech.net Failed
362 86
Domain Requested by
39 www.file.io www.file.io
d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
31 cm.g.doubleclick.net 15 redirects eb2.3lift.com
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
eus.rubiconproject.com
21 simage2.pubmatic.com ads.pubmatic.com
20 eb2.3lift.com 7 redirects d1oykxszdrgjgl.cloudfront.net
eb2.3lift.com
15 x.bidswitch.net 12 redirects eb2.3lift.com
14 match.adsrvr.org 13 redirects hb.vntsm.com
12 ib.adnxs.com 3 redirects hb.vntsm.com
acdn.adnxs.com
10 securepubads.g.doubleclick.net hb.vntsm.com
d1oykxszdrgjgl.cloudfront.net
www.file.io
9 sync.1rx.io 9 redirects
9 sync.aniview.com www.file.io
ssbsync.smartadserver.com
eus.rubiconproject.com
ads.pubmatic.com
9 contextual.media.net edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
www.file.io
contextual.media.net
9 tpc.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
9 c2shb.ssp.yahoo.com hb.vntsm.com
9 prebid.a-mo.net 3 redirects hb.vntsm.com
8 s.amazon-adsystem.com 4 redirects eb2.3lift.com
eus.rubiconproject.com
8 pagead2.googlesyndication.com hb.vntsm.com
tpc.googlesyndication.com
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
www.file.io
7 image2.pubmatic.com ads.pubmatic.com
7 sync.go.sonobi.com
7 track1.aniview.com player.aniview.com
6 pixel.tapad.com 4 redirects
6 c2shb.pubgw.yahoo.com hb.vntsm.com
6 lg3.media.net edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
www.file.io
6 hblg.media.net www.file.io
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
6 player.aniview.com www.file.io
5 csync.loopme.me 5 redirects
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 ups.analytics.yahoo.com 5 redirects
5 ads.pubmatic.com d1oykxszdrgjgl.cloudfront.net
www.file.io
ads.pubmatic.com
5 hbopenbid.pubmatic.com hb.vntsm.com
4 sync.crwdcntrl.net 2 redirects
4 cm.adgrx.com 4 redirects
4 pm.w55c.net 4 redirects
4 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 web.ssp.yahoo.com d1oykxszdrgjgl.cloudfront.net
4 eus.rubiconproject.com www.file.io
eus.rubiconproject.com
4 rtb-csync.smartadserver.com 1 redirects www.file.io
ssbsync.smartadserver.com
4 sync.targeting.unrulymedia.com 3 redirects ads.pubmatic.com
4 cs.media.net contextual.media.net
4 image6.pubmatic.com ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 px.ads.linkedin.com 1 redirects eb2.3lift.com
eus.rubiconproject.com
4 id5-sync.com hb.vntsm.com
4 mc.yandex.ru 1 redirects hb.vntsm.com
3 simage4.pubmatic.com ads.pubmatic.com
3 um.simpli.fi 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 ap.lijit.com 2 redirects www.file.io
3 ad.turn.com 3 redirects
3 a.tribalfusion.com 1 redirects ads.pubmatic.com
3 acdn.adnxs.com d1oykxszdrgjgl.cloudfront.net
3 content1.avplayer.com
3 track1.avplayer.com
3 www.google.com d1oykxszdrgjgl.cloudfront.net
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
3 edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
3 prg.smartadserver.com hb.vntsm.com
2 targeting.unrulymedia.com hb.vntsm.com
2 match.deepintent.com ads.pubmatic.com
2 core.iprom.net ads.pubmatic.com
2 dps.jp.cinarra.com ads.pubmatic.com
2 cm-supply-web.gammaplatform.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 prebid-server.rubiconproject.com hb.vntsm.com
2 pubmatic-match.dotomi.com 2 redirects
2 pool.admedo.com 2 redirects
2 uipapac.semasio.net 1 redirects ads.pubmatic.com
2 pippio.com 2 redirects
2 lb.eu-1-id5-sync.com hb.vntsm.com
2 match.sharethrough.com 1 redirects ssbsync.smartadserver.com
2 rtb2-useast.e-volution.ai 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 optimized-by.rubiconproject.com d1oykxszdrgjgl.cloudfront.net
2 u.openx.net 2 redirects
2 ads.stickyadstv.com 1 redirects www.file.io
2 onetag-sys.com 1 redirects
2 dsp.adkernel.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 c.bing.com eb2.3lift.com
2 bh.contextweb.com 2 redirects
2 sync.mathtag.com 2 redirects
2 lexicon.33across.com 1 redirects
2 gum.criteo.com hb.vntsm.com
2 www.googletagservices.com edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
2 warp.media.net edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
2 qsearch-a.akamaihd.net www.file.io
2 adservice.google.com d1oykxszdrgjgl.cloudfront.net
2 adservice.google.com.au d1oykxszdrgjgl.cloudfront.net
2 i.clean.gg hb.vntsm.com
2 tlx.3lift.com hb.vntsm.com
2 apex.go.sonobi.com hb.vntsm.com
2 ad.360yield.com hb.vntsm.com
2 script.4dex.io hb.vntsm.com
script.4dex.io
2 www.google-analytics.com www.file.io
www.google-analytics.com
2 hb.vntsm.com www.file.io
hb.vntsm.com
2 file.io 1 redirects www.file.io
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 cs.admanmedia.com ssbsync.smartadserver.com
1 prebid.media.net hb.vntsm.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 uipglob.semasio.net 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 aid.send.microad.jp edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
1 dynalyst-sync.adtdp.com 1 redirects
1 fksnk.com 1 redirects
1 s2s.aniview.com d1oykxszdrgjgl.cloudfront.net
1 secure-assets.rubiconproject.com 1 redirects
1 sync.technoratimedia.com www.file.io
1 ssbsync.smartadserver.com www.file.io
1 cc.adingo.jp 1 redirects
1 app.cauly.co.kr edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
1 s.tribalfusion.com edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
1 inv-nets.admixer.net 1 redirects
1 cm.adform.net
1 p.rfihub.com 1 redirects
1 image8.pubmatic.com
1 go1.aniview.com hb.vntsm.com
1 track.venatusmedia.com hb.vntsm.com
1 player.avplayer.com d1oykxszdrgjgl.cloudfront.net
1 feed.avplayer.com hb.vntsm.com
1 tg1.aniview.com d1oykxszdrgjgl.cloudfront.net
1 hb-api.omnitagjs.com hb.vntsm.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 ad-delivery.net hb.vntsm.com
1 stats.g.doubleclick.net www.google-analytics.com
1 hb.vntsm.io hb.vntsm.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 api.rlcdn.com Failed hb.vntsm.com
362 136

This site contains links to these domains. Also see Links.

Domain
file.io
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com
Subject Issuer Validity Valid
*.file.io
Amazon RSA 2048 M01		 2023-01-25 -
2024-02-23		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M02		 2023-02-02 -
2023-11-06		 9 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.a-mo.net
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.omnitagjs.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-06-15		 4 months crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-06-11		 4 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.aniview.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-14 -
2023-08-14		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
outstreamedia.com
R3		 2023-02-12 -
2023-05-13		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-22		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-01-05 -
2023-07-05		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.cauly.co.kr
Sectigo RSA Organization Validation Secure Server CA		 2023-02-17 -
2024-03-06		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh

This page contains 70 frames:

Primary Page: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Frame ID: FD63E1727A52E0C7DFF6D059D6186B0B
Requests: 166 HTTP requests in this frame

Frame: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1464CC910139A059BC6885F389038BCB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6660947B07D5DFB8AE7657BB2B4216DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48491B54F6D3DABCFA69F6697785F723
Requests: 2 HTTP requests in this frame

Frame: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CADB00D874722C36B413484E700AFC8B
Requests: 18 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: A37C5DF12E0D4F9052E10BFDBDE08C32
Requests: 7 HTTP requests in this frame

Frame: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48C2BD2CDD84DFE0F603724182A3813C
Requests: 18 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 2F87E628F7E66C8952397B49E8C357B3
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 04A07364679FB624BB3537A26FEA1379
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D531182D207C821F722F172A73E135E
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 58A34DB4B10F3A55F6D18CE6767A7131
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 271F75D89FE1F4E456B7AC0B9900C28F
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 018B13BE88A4B20512CAD21181173CC2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 539AE7257110BBB3D5BB235C6CC8C158
Requests: 17 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: BA60742D265985A3066360063ABF069B
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 81E0309259A24B13C77CBB036BC287EA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 60B02F979F7D9C8E30C5C0701857430A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C6E2BE9817D29DA87B52EDDE6881836A
Requests: 9 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=56&pid=5f2063121d82c82557194737&key=0a4deedc-e5cf-4710-ae76-158c3fb84e3e&gdpr_consent=null&gdpr=0
Frame ID: 68804293ECCF66764FF80AF2D47CE20D
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Frame ID: 17B2CF2A84262E4C8ACFD06181809DC9
Requests: 6 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=98aa423e813894639267394451cdb2e3&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 2D0DB32442AAAB3280F24FE8D709C1F5
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 806809FB2F9C90DADFBDE3F4312C8784
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
Frame ID: 46C9DD4043E31CAACD02DA34F266698A
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Frame ID: 679FF3E0EB3DB680ECF8A82B9A12C4FE
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1677574385232-939013850577-001196-000-008171&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: E7566BD704DD89F4E39C59BAB46415FA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Frame ID: FD45784BDE869242ED5727605CBB5CC1
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=18&key=GOzVCLZH5dv441RoTMe8YhTl
Frame ID: CC3A8351CE1CE93AC61B4BC976B22EB7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 6F33A6132165070DDF49F49D56004572
Requests: 11 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=23&key=215f38da-3f4f-451c-9f93-5b724b110f2b
Frame ID: ABBE7733C0455152BE5A3E5AC0351F68
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLmFuaXZpZXcuY29tL2Nvb2tpZXN5bmNlbmRwb2ludD9hdWlkPTE2Nzc1NzQzODUyMzItOTM5MDEzODUwNTc3LTAwMTE5Ni0wMDAtMDA4MTcxJmJpZGRlcm5hbWU9MTA1JnBpZD01OWM5MTQ4NjI4YTA2MTJkYTM2ODkyODgma2V5PQ%253D%253D%26uid%3D%24UID
Frame ID: F45A7521674104DB998F9A18CDF536D2
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BEC0C17D80F680D5E4932A5C7E2364F0
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 396B723420A9ACFA6AB7FE9B55AF5844
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
Frame ID: 8FC6E9814B498B08354C8C8386B2D083
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&gdpr=0&gdpr_consent=
Frame ID: ACE73BC76BE0DA2F4F64E9CB30E981E2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: E8C723B4184D90FF5EBF83E1E69210F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z4guka8daqi
Frame ID: AF10220191EF49A92BB41C12072F3B5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2232052228606262905&gdpr=0&gdpr_consent=
Frame ID: 0D86ED1E407F17238829A3368246A21C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-
Frame ID: E67DDA184E085714AC1DFE8017CAAA55
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6D8F943B9FA49DBA9B7EB686128E5359
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=fWuDUWmLADmKn_K38sD9Yw
Frame ID: BE4A957BAC5A97DC221EA7CA3FC8374B
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 40F87F54616252549F4D160EB45559EA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FP5VWlQDQ_RIo6JutjmBBa310bc&gdpr=0&gdpr_consent=
Frame ID: BB914BD6582A1A47A461E68FC888DB0B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qylv6hrey6w
Frame ID: 1000CE77D724051BD2D942EF7AAFEB1B
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
Frame ID: 4E852AFE9D80A05B20724ADD2835D4B6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 8D8F11ED17449489A4923E189E8CB210
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=36772c707e78438fa34f3aabd6fe7226
Frame ID: 51C37FA615F03F53A3F58B7C8113B1DC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0QW865Dy1PwVJr5&gdpr=0&gdpr_consent=
Frame ID: 959258F5BE0C26BECED7A79D48652B13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
Frame ID: A32A4A7FC375C53DA9D38FF4F5D9B4BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Frame ID: B25FFD601405374A7539A004266CFE4D
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 22F5CBD45E2693FE8EC4017832948AB3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 818CCD3F9988BF78D849DBF30E72B5BD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: BB81F5F8E96817F135B23E32FBFF305E
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: F1D8F7860CD6EAA859BB8EB00FE3E469
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
Frame ID: 8CAA94B7CAAA0B75BF70E7BC6D6FAC9E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1o88ly04fojq
Frame ID: 37DFA66F68B5E22B0F748137CF90F6E9
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
Frame ID: EFE075CABC0969E290053B371A7C4ED7
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 6EAA93024A5041F65213A8F95CCD4A2C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2cd58b283f3c41838605f8e6854adae5
Frame ID: DB390FD90D009E2EF93C99E6B98E6A95
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:91bFP8dB1PwVJr5&gdpr=0&gdpr_consent=
Frame ID: EDA5F55D1A7912B9B944593CCC233E28
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
Frame ID: 6189A105187B3E5CC912C22236300D94
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Frame ID: 48994D8CD36473C91756B2E5B9E27FEA
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D41E4A72C162B224D4ACF7E557D41445
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: F99D495FCD6D53C1B1E2F7770238EA43
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2418DE92BE1C70507599CB06E8590B99
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=1&key=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
Frame ID: D8C6AC139BD3F4821B760BF80DD2E79E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3782BB141EB228C9BEF768DE207F29D2
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU322PTV&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: A56CD4C078A9DEE0E774E432BA44BF70
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: 8717B7FFD256EADA5097DFE91EF3ED75
Requests: 3 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: F6389221ABC1C1D0DFFC368B59D8CF59
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
Frame ID: 6D6AD7F1CCEFF8F62C9A2A27B7D9A90A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download | file.io

Page URL History Show full URLs

  1. https://file.io/0hpSPhnEIKmH HTTP 302
    https://www.file.io/k5O8/download/0hpSPhnEIKmH Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

362
Requests

77 %
HTTPS

0 %
IPv6

86
Domains

136
Subdomains

91
IPs

11
Countries

2808 kB
Transfer

10506 kB
Size

198
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file.io/0hpSPhnEIKmH HTTP 302
    https://www.file.io/k5O8/download/0hpSPhnEIKmH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://mc.yandex.ru/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A4812%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1064093290175%3Ahid%3A199560120%3Az%3A0%3Ai%3A20230228085302%3Aet%3A1677574382%3Ac%3A1%3Arn%3A473209007%3Arqn%3A1%3Au%3A1677574382721367189%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C405%2C1122%2C840%2C958%2C0%2C%2C13%2C0%2C5204%2C5204%2C0%2C3345%3Aco%3A0%3Acpf%3A1%3Ans%3A1677574374052%3Arqnl%3A1%3Ast%3A1677574382%3At%3ADownload%20%7C%20file.io&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A4812%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1064093290175%3Ahid%3A199560120%3Az%3A0%3Ai%3A20230228085302%3Aet%3A1677574382%3Ac%3A1%3Arn%3A473209007%3Arqn%3A1%3Au%3A1677574382721367189%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C405%2C1122%2C840%2C958%2C0%2C%2C13%2C0%2C5204%2C5204%2C0%2C3345%3Aco%3A0%3Acpf%3A1%3Ans%3A1677574374052%3Arqnl%3A1%3Ast%3A1677574382%3At%3ADownload%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 137
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&b=1&g=JzjmmH8UUrm4lks5ZPLtmNJm4IhABAAnwsO67AFKkZ4%3D
Request Chain 142
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 145
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 149
  • https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
Request Chain 150
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D9888360e-50d3-4507-81d4-1b3d1efc897f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F555%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526A%253D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD05ODg4MzYwZS01MGQzLTQ1MDctODFkNC0xYjNkMWVmYzg5N2Y%25253D%2526uid%253D%2523PMUID
Request Chain 151
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=345463fd-c0f1-4500-9fc4-78b7daf0bb82
Request Chain 152
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=528dcc40-afc2-47e6-a469-3a68e3c2c7e9 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
Request Chain 153
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1920574145825885534
Request Chain 154
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=9888360e-50d3-4507-81d4-1b3d1efc897f HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
Request Chain 155
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&pubid=116da9d98c
Request Chain 156
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F595%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD01MjhkY2M0MC1hZmMyLTQ3ZTYtYTQ2OS0zYTY4ZTNjMmM3ZTk%253D%26uid%3D%24UID
Request Chain 157
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8a30bdcf-c3f8-4df9-86fb-30348e4f56bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RWRuZXl1MDBpRDl0X3o2NEpYazZlZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAuMcMtcnuK_N3UYv4pklus&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iOr69mgMXzzW
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OGEzMGJkY2YtYzNmOC00ZGY5LTg2ZmItMzAzNDhlNGY1NmJj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDmTT-FfFiG2ZHuhb_VcIe4&google_cver=1
Request Chain 159
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LEO0H4J7-1S-L4ZQ&gdpr=0&us_privacy=1---
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=9888360e-50d3-4507-81d4-1b3d1efc897f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=9888360e-50d3-4507-81d4-1b3d1efc897f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=79447bea-2257-4356-b98a-218e13b7dfa0&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 161
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d719f6e3-4709-4897-81df-6dc1be3a6813&google_hm=ZDcxOWY2ZTMtNDcwOS00ODk3LTgxZGYtNmRjMWJlM2E2ODEz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECItuqgxPYiQCHqxaziY7aU&google_cver=1&ssp=sonobi&bsw_param=d719f6e3-4709-4897-81df-6dc1be3a6813 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d719f6e3-4709-4897-81df-6dc1be3a6813
Request Chain 163
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A
Request Chain 177
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 178
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 180
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
Request Chain 182
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3369387884448946755240&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3369387884448946755240&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3Dc84aa6cb-8484-449c-a750-36a04708661a%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=eee0cfdcad5548a7882e6996e87e0001&ssp=triplelift&bsw_param=c84aa6cb-8484-449c-a750-36a04708661a&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=d719f6e3-4709-4897-81df-6dc1be3a6813&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 183
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3369387884448946755240?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
Request Chain 184
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3369387884448946755240 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
Request Chain 186
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 187
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 188
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 190
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
Request Chain 193
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3369387884448946755240?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
Request Chain 194
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3369387884448946755240 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
Request Chain 196
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 200
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGPRhq4TSosG6IUjTxfBmYk&google_cver=1&google_push=Aa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPRhq4TSosG6IUjTxfBmYk&google_cver=1&google_push=Aa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 201
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHOv00GHp1_Q_S9aaKjwOeE&google_cver=1&google_push=Aa02lx_fGAFZX145llqFXZ2G-iB0PoysaM46KlvEkj2UayM2NU0YonrCQEONNso-tNW-BRi0XjZ5ZB6zg6R8vysAM3-K4D8PNioI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kYhMWnsGRV9VSLnn1fPTuK310bc&google_push=Aa02lx_fGAFZX145llqFXZ2G-iB0PoysaM46KlvEkj2UayM2NU0YonrCQEONNso-tNW-BRi0XjZ5ZB6zg6R8vysAM3-K4D8PNioI
Request Chain 202
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOQomNhRO4DcQTpacr3Q0iQ&google_cver=1&google_push=Aa02lx9_vl2iavAOxi2bHE4F4yWnFcS2GEiuVpd7NvTCHI_zVWQeFMcIAA6VOYewXkzeHUrswG6JLYkXHSws2WI8T1SM08UxeQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx9_vl2iavAOxi2bHE4F4yWnFcS2GEiuVpd7NvTCHI_zVWQeFMcIAA6VOYewXkzeHUrswG6JLYkXHSws2WI8T1SM08UxeQg
Request Chain 204
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE28_eR8SezQVEO-6jaY3p8&google_cver=1&google_push=Aa02lx8tLDG8IGth1uZIZl8SPxzsPZKbILElnfrb_oWgMaDXepCrxVB-0rdWoGQSltqUOoauBqVGMCo3OjgiCQ_rRdtp1RqUVhg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D&google_push=Aa02lx8tLDG8IGth1uZIZl8SPxzsPZKbILElnfrb_oWgMaDXepCrxVB-0rdWoGQSltqUOoauBqVGMCo3OjgiCQ_rRdtp1RqUVhg
Request Chain 205
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEKiuJz6Jv4WS0DXhZxpc9Zw&google_cver=1&google_push=Aa02lx9Md8Qv-jd61ARUjnfsMxLGlu4iFS1Yqsmjscnu27QuVNXnARKL_PBUxYHF2qItBu4pwvepr4h21oOguP0qK6mqNshi5fCA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9Md8Qv-jd61ARUjnfsMxLGlu4iFS1Yqsmjscnu27QuVNXnARKL_PBUxYHF2qItBu4pwvepr4h21oOguP0qK6mqNshi5fCA&google_hm=227d6c03e23bf7ccafa251f5289c6b3d
Request Chain 206
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAIz82WeRTCj5iSOmdgUMjw&google_cver=1&google_push=Aa02lx9DlWNLHP4-BmcMyThzausqwJMk4up7VSLrufpQ6EDGpsKFkbgrUjtHuf5_BzX6dl1aT1tQ4Nq-Nyai5TMeqBSW4laY8w9ZOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9DlWNLHP4-BmcMyThzausqwJMk4up7VSLrufpQ6EDGpsKFkbgrUjtHuf5_BzX6dl1aT1tQ4Nq-Nyai5TMeqBSW4laY8w9ZOA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwNTc1OTg1NjgzNzUyOTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
Request Chain 209
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
Request Chain 210
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=ce2f40bd-d059-45ed-98a2-5d4b6d219112&type=loop&gdpr_consent=null&gdpr=0
Request Chain 211
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
Request Chain 212
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=83f21678-3233-4745-bc2f-4d9b03791573&type=loop&gdpr_consent=null&gdpr=0
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwNTc1OTg1NjgzNzUzNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
Request Chain 214
  • https://csync.loopme.me/?pubid=11398&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D56%26pid%3D5f2063121d82c82557194737%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=56&pid=5f2063121d82c82557194737&key=0a4deedc-e5cf-4710-ae76-158c3fb84e3e&gdpr_consent=null&gdpr=0
Request Chain 216
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=98aa423e813894639267394451cdb2e3&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 218
  • https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
Request Chain 219
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D200%26key%3D%5BRX_UUID%5D&cb=1677574385963 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1993041605 HTTP 302
  • https://sync.1rx.io/usersync/turn/8391144493252904027?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-cff0e259-afb4-4806-9f1a-df8852f381ea-004 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Request Chain 222
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D18%26key%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=18&key=GOzVCLZH5dv441RoTMe8YhTl
Request Chain 223
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 224
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D23%26key%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=23&key=215f38da-3f4f-451c-9f93-5b724b110f2b
Request Chain 225
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLmFuaXZpZXcuY29tL2Nvb2tpZXN5bmNlbmRwb2ludD9hdWlkPTE2Nzc1NzQzODUyMzItOTM5MDEzODUwNTc3LTAwMTE5Ni0wMDAtMDA4MTcxJmJpZGRlcm5hbWU9MTA1JnBpZD01OWM5MTQ4NjI4YTA2MTJkYTM2ODkyODgma2V5PQ%253D%253D%26uid%3D%24UID
Request Chain 234
  • https://x.bidswitch.net/sync?ssp=themediagrid&user_id=1677574385232-939013850577-001196-000-008171&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&expires=30&ssp=themediagrid&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Request Chain 235
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=24&pid=59c9148628a0612da3689288&key=d719f6e3-4709-4897-81df-6dc1be3a6813
Request Chain 238
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs44&google_cver=1&google_push=Aa02lx8q7gKI5cvVwf4bXL2bEJHfsRIy-Heq_eDCnI7cRP2qdD7nowKFTZF89DIenBEHIgvIeGk96gybJg3Epfu58Ltz8WKP47Dx HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=49ea3f0d82c920b6&is_secure=true&networkId=14000&version=1&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs44&google_cver=1&google_push=Aa02lx8q7gKI5cvVwf4bXL2bEJHfsRIy-Heq_eDCnI7cRP2qdD7nowKFTZF89DIenBEHIgvIeGk96gybJg3Epfu58Ltz8WKP47Dx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALnxErzvtE8QNJ11tyAAAAAAA&expiration=1677660786&google_cver=1&is_secure=true&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs44&google_push=Aa02lx8q7gKI5cvVwf4bXL2bEJHfsRIy-Heq_eDCnI7cRP2qdD7nowKFTZF89DIenBEHIgvIeGk96gybJg3Epfu58Ltz8WKP47Dx
Request Chain 239
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEK26hdQaWVQgKAM1brJjKA0&google_cver=1&google_push=Aa02lx9WFkQLoih-mr02Uqy6auSqjOOjoMNmyef4Yoto1XHaO5KO7baTFeGzQ_kThh08qxxklY8MQJ6c9pdmOdwYnkoCCyt0OENR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9WFkQLoih-mr02Uqy6auSqjOOjoMNmyef4Yoto1XHaO5KO7baTFeGzQ_kThh08qxxklY8MQJ6c9pdmOdwYnkoCCyt0OENR
Request Chain 240
  • https://fksnk.com/cs/google?google_gid=CAESENxjUb9BrSImtiJRn4XkpLs&google_cver=1&google_push=Aa02lx_qC3TZMu1fb48-25JuDZkAI4ARu_VzKFpgCeonPbzPxj9cFWueNKTIwr5PeYvUiZg-mWEYZ4t8S7A07pS9P-b4NDxGc_PD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkE2OTE4NzI0QjFCOEFDMA==
Request Chain 241
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEBKbHEYhZxnNLrEE6OCQOjY&google_cver=1&google_push=Aa02lx9x7mNOFfK9pFDE3ILm_enYW7tdc3QfP7FO0MJuhcG4AcWRzMjJ8b6z6-wwIUCQm7o6xF5D4d_hzq4gyikPwe5UbeM69WM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTEyNjgxMjQwMzQ&google_push=Aa02lx9x7mNOFfK9pFDE3ILm_enYW7tdc3QfP7FO0MJuhcG4AcWRzMjJ8b6z6-wwIUCQm7o6xF5D4d_hzq4gyikPwe5UbeM69WM
Request Chain 243
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMJS6rCAH0EGSB6UnTPsGrA&google_cver=1&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4QXW_zJktEksifIuKYdY1BOrw HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMJS6rCAH0EGSB6UnTPsGrA%26google_cver%3D1%26google_push%3DAa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4QXW_zJktEksifIuKYdY1BOrw HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A9182664047325447741&exchange=193&google_gid=CAESEMJS6rCAH0EGSB6UnTPsGrA&google_cver=1&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4QXW_zJktEksifIuKYdY1BOrw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4QXW_zJktEksifIuKYdY1BOrw
Request Chain 244
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDumMWMrOOzeldLA-JsUPnM&google_cver=1&google_push=Aa02lx_8wLZvfPYSwU-MzB3HcQ5SBzFUheptFbcBoTFfZUkqSGGlQxsxMmr7V1-vqCaVMmWouchLZZYSOHJn64ROh7jzqNFd-2K1jw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2VkYzJiNTEtYTUyOS00ZWI1LTk5MGUtMmRjMjE2YWQwNjZm&google_push=Aa02lx_8wLZvfPYSwU-MzB3HcQ5SBzFUheptFbcBoTFfZUkqSGGlQxsxMmr7V1-vqCaVMmWouchLZZYSOHJn64ROh7jzqNFd-2K1jw
Request Chain 267
  • https://c1.adform.net/serving/cookie/match?party=14&cid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
Request Chain 268
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z4guka8daqi
Request Chain 271
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2232052228606262905&gdpr=0&gdpr_consent=
Request Chain 272
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-
Request Chain 274
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=fWuDUWmLADmKn_K38sD9Yw
Request Chain 276
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FP5VWlQDQ_RIo6JutjmBBa310bc&gdpr=0&gdpr_consent=
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KKmDOEu6StuXrfPmm9C3PA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 278
  • https://idsync.rlcdn.com/420486.gif?partner_uid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI4QTk4MzM4LTRCQkEtNEFEQi05N0FELUYzRTY5QkQwQjczQxAAGg0I8oH3nwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=68f10b3551911bae29faa9333c6cfda931df49795d9a724c3cca24dd45e0bc5b791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2OGYxMGIzNTUxOTExYmFlMjlmYWE5MzMzYzZjZmRhOTMxZGY0OTc5NWQ5YTcyNGMzY2NhMjRkZDQ1ZTBiYzViNzkxNDI2YjU0MTdkY2UyMRAAGgwI84H3nwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2OGYxMGIzNTUxOTExYmFlMjlmYWE5MzMzYzZjZmRhOTMxZGY0OTc5NWQ5YTcyNGMzY2NhMjRkZDQ1ZTBiYzViNzkxNDI2YjU0MTdkY2UyMRAAGgwI84H3nwYSBAgCEABCAEoA&google_gid=CAESEDqX31UWiAAjNbjRqtK9NOE&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=18d3523a-39c1-41b5-9fa4-9f70142aa2a5
Request Chain 279
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjhBOTgzMzgtNEJCQS00QURCLTk3QUQtRjNFNjlCRDBCNzND&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECQpWwGK8we5swoDigJj2uo&google_cver=1
Request Chain 282
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C
Request Chain 284
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=
Request Chain 285
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uXSNbSFE2uV7EVmefTKiTKlnhvSm9bw-~A&gdpr=0
Request Chain 286
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2639514138855315857
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c84aa6cb-8484-449c-a750-36a04708661a HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c84aa6cb-8484-449c-a750-36a04708661a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5f42af90-601d-4f37-ba5c-e1fab58fd967&user_group=1&ssp=pubmatic&bsw_param=c84aa6cb-8484-449c-a750-36a04708661a HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d719f6e3-4709-4897-81df-6dc1be3a6813&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 288
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1311e923c658228f&is_secure=true&networkId=17100&version=1&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxxFPkG3zwMpRZd4AAAAAAA&expiration=1677660786&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 289
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8319086899214976091&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 290
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2232052228606262905
Request Chain 308
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8056245095 HTTP 302
  • https://sync.1rx.io/usersync/turn/8463202087290831963?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-cff0e259-afb4-4806-9f1a-df8852f381ea-004 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Request Chain 309
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4514567127434089773&gdpr=0&gdpr_consent=
Request Chain 310
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=07010001_63fdc0f363178&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07010001_63fdc0f363178&gdpr=0&gdpr_consent=
Request Chain 311
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LEO0H573-K-DZ53 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LEO0H573-K-DZ53
Request Chain 312
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk4N2NkNzQxMmFlOWJkMWI5MzAzMDJiZGUwODIzNTk1NGQ0OTZjZg
Request Chain 314
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEO0H573-K-DZ53
Request Chain 315
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5FA_FZU-SCQxtOIkTm3hZw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.rITZGBE2oILxredgvGlgoxb5NYPLv0in2d9uw--~A
Request Chain 316
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sreiVlzWQOa0GoEFwLzcAg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sreiVlzWQOa0GoEFwLzcAg
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMhSV4uLXSlGq28vdPz8WgA&google_cver=1
Request Chain 318
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPMEg1NzMtSy1EWjUz
Request Chain 319
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=&expires=30
Request Chain 325
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qylv6hrey6w
Request Chain 328
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=36772c707e78438fa34f3aabd6fe7226
Request Chain 329
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0QW865Dy1PwVJr5&gdpr=0&gdpr_consent=
Request Chain 330
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
Request Chain 331
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5669144735 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/584b7180-a046-4cd5-8ae1-87ccc771fabd HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-cff0e259-afb4-4806-9f1a-df8852f381ea-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Request Chain 334
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 336
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
Request Chain 337
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
Request Chain 338
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ad8c10d8-b6db-4dd7-99cb-49b5b0175507%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=ad8c10d8-b6db-4dd7-99cb-49b5b0175507%2C%2C
Request Chain 339
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
Request Chain 340
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5bb540ba-bae3-4490-83db-c0160ab86cdb%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=5bb540ba-bae3-4490-83db-c0160ab86cdb%2C%2C
Request Chain 341
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1o88ly04fojq
Request Chain 344
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2cd58b283f3c41838605f8e6854adae5
Request Chain 345
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:91bFP8dB1PwVJr5&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
Request Chain 347
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8440104494 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/584b7180-a046-4cd5-8ae1-87ccc771fabd HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Request Chain 350
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 377
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=

362 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0hpSPhnEIKmH
www.file.io/k5O8/download/
Redirect Chain
  • https://file.io/0hpSPhnEIKmH
  • https://www.file.io/k5O8/download/0hpSPhnEIKmH
312 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adb2e9e059ded06e4d90112e3e0e740d59b3f76c3663f35f95062dceb12f4e12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html
date
Tue, 28 Feb 2023 08:52:57 GMT
etag
W/"e53eb144f4ea9c80749b7d99ed18bd9c"
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-cf-id
GGXJHrE0N5YE9ErHxEI63u3cVE25z22yK1IJxXg2v0s5GzYYytNg_w==
x-amz-cf-pop
SIN2-P2
x-amz-id-2
tVZCzCXidi4Wz6oEyQsiYtM5C20FQUFtDUUm7vmqKCbTpBo0znA1/tVQogkDpRQ385QjKKb0Zws=
x-amz-request-id
YZE0EQ3PMBBKMNAX
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length
136
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:52:54 GMT
location
https://www.file.io/k5O8/download/0hpSPhnEIKmH
retry-after
1
vary
Accept
x-ratelimit-limit
1
x-ratelimit-remaining
7
x-ratelimit-reset
2023-02-28T08:52:55.800Z
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.46.68 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-46-68.bunnyinfra.net
Software
BunnyCDN-SG1-868 /
Resource Hash
fe7a9a5a03e625713b480cd8b3da9c736d3b1759da836f73eae482dda0966973

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:52:57 GMT
content-encoding
br
cdn-edgestorageid
868
x-amz-server-side-encryption
AES256
cdn-cachedat
02/27/2023 14:42:58
cdn-pullzone
131999
last-modified
Tue, 21 Feb 2023 12:54:09 GMT
server
BunnyCDN-SG1-868
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"4c089407a8ca673d57148bf9ca8e5be1"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
20a44d1bb77549d4998d9cd65a2cd877
cdn-requestcountrycode
AU
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 07:27:31 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5126
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 28 Feb 2023 09:27:31 GMT
app-94ab6235bc4552ec45d3.js
www.file.io/ 		651 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/app-94ab6235bc4552ec45d3.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 19:07:57 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:39 GMT
server
AmazonS3
x-amz-request-id
6CX85S4XJAMWBQHQ
x-amz-cf-pop
SIN2-P2
etag
W/"d5b96f90610fd0e66fccb62435e7f262"
age
222301
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
l2rQcq-QYUKNy7HE6x4Sbpvd3co2p9HIYOEZmiF1rFv56rONotN3qg==
x-amz-id-2
FauLKD55OL/9aRQwns0MFWwyA8XkG468kpIqbj4vItrYDogNATQNy6LPWf3IuvKERgNs3sadtD8=
0eceb729-761e2b4090024f08e2ca.js
www.file.io/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 20:34:00 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
2KHEH6BFXSG9HGBE
x-amz-cf-pop
SIN2-P2
etag
W/"d8fa3e295945b4065c7adabadd2be99b"
age
994738
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
CNvcCtwe-84FN5_JWkng3C2SWfyNAVqDwYcqlvyJLoJfIwWBNju9ag==
x-amz-id-2
eVya6C/r6CPh+g83h+45qLWsFtzaxPew565JsTV1Dy/Wa2fWwTOuMxfjNFvyk+ZRZCIVTZfQwWs=
d6a9949e-4e9c210da2d83a376ddb.js
www.file.io/ 		51 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 19:33:24 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
K8NZJYPSSZKBCG5W
x-amz-cf-pop
SIN2-P2
etag
W/"2feda6389a53a29ad5102ef7918752f6"
age
3849573
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
aKKvLzNeRhVAxgCjrf9vRjkTWuz6jvjV-k6gdVQ8LK4xZ7LQjYu5fg==
x-amz-id-2
bnV2ijTf9wA2Rz4Mxra+HA4LLQDvBxoGmPnCSFZkqosfy9ZwbrEBpoMm9AVgcs9w5ZzoywNSRyA=
e82996df-3c73e38611643c5bb219.js
www.file.io/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
5F27V8BMSWVFAK0E
x-amz-cf-pop
SIN2-P2
etag
W/"785aafc2bda0f767992456b4ba1b0627"
age
825245
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
UoWQhIkbfvoxbBPsHN58MikvGw-F7D_kMiN6sSmkeVZNa-XQMmvyUQ==
x-amz-id-2
9eYdIGWX+hni5HD49YZmo4tX+2jQj3vsxwQ30hHA5c4XSewim3yYDOaTTDc6cBDy88rYtuf7NjRavN9z1sSekQ==
framework-8fce40ee519418a713c9.js
www.file.io/ 		145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 19:38:28 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
x-amz-request-id
YWBF1N2FCQ5Z64FD
x-amz-cf-pop
SIN2-P2
etag
W/"c4a5f7717ceee6ea81514ff62873ada9"
age
3849270
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Zfljpvxf8oTtSqzF0j7FJSIJxhLkWutbUHdRXwpxCkwtDNapqVhYdQ==
x-amz-id-2
SGJFDzcePlF6KnK6FWFG+3Oyjo7FRZ4Zwc5/VHMTg3ezfMedZCpQpIUlqOY6cB3fZQ5/EzUK0Ts=
webpack-runtime-e85adc3f73c70220e1cc.js
www.file.io/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 19:58:14 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:47 GMT
server
AmazonS3
x-amz-request-id
THB0SZSZHJR1ATG9
x-amz-cf-pop
SIN2-P2
etag
W/"a0b7944440774d5a3e8f33e901ae323f"
age
4280084
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
HhL5U2KiU2hD90dqSmMISkoQVmWMdZX133M7wIICsUWPd3nwhvcf7Q==
x-amz-id-2
Z2oTRGUwYXUc0tg3obSGqoLaUNvoiuU7cdbmNExWRL6H51urf8kJYN4BN4yl1TJ3gN5vds1v/zzMwkX6HgjOoQ==
app-data.json
www.file.io/page-data/ 		50 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 21:56:37 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
F1PAXFAPDVXYZF7D
x-amz-cf-pop
SIN2-P2
age
39382
x-cache
Hit from cloudfront
content-length
50
x-amz-id-2
NpdD9xLID6t//fP7rRrUuOFh+jFj/31S4rD4IoGtrnDgeDNw7pU/OTWM0Z3RpWU/2W21Fgj7lIk=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"8560808e9c37804e4c72d09857f5dca0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
od1TkxiEwG2ooCSC4ffjxXHagUrfKTPB0hbJGtPsuaRoOCHvg3zcaA==
page-data.json
www.file.io/page-data/downloadStopGap/ 		208 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/downloadStopGap/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 23:09:46 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
J4W3PJDMMZTRS6SV
x-amz-cf-pop
SIN2-P2
age
34993
x-cache
Hit from cloudfront
content-length
208
x-amz-id-2
FtC2J6lLPzmFS1OFsH+m6V2048VZ7IUhsHA1wSkajrlz2TvfmGWuHQ8iLCTRZbnTvMJxhHZnixA=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"a2bc2e30a9725de62058caf12cd11a0e"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
-pQGt_dO_xxUep-n-FozwOTHxvaFWkN0O_Nh1LmpVv4aq9iOkOjrAw==
cb1608f2-e216539eabbd5925fc79.js
www.file.io/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/cb1608f2-e216539eabbd5925fc79.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:42:37 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:40 GMT
server
AmazonS3
x-amz-request-id
HY4FYCSJZ7D2297V
x-amz-cf-pop
SIN2-P2
etag
W/"67e460d9dbcf3a954ab115654390d3d7"
age
306622
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
U8iSUCr2NbZi5carIATx51HoSC8fnXx8QEv1NCWSAzP_aufsfdpeUw==
x-amz-id-2
2HRdWiugOoQoGbZNENz/QQTXD3Hf0L/PYw3u1KiF9RHFg6QeOy70RAEBqE1K+uSAIbmozx3Hk94=
a9a7754c-f1b5f9c5144f62adc766.js
www.file.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:01:31 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:37 GMT
server
AmazonS3
x-amz-request-id
V252E65FY80NR0RQ
x-amz-cf-pop
SIN2-P2
etag
W/"4ae04cdf11989fa265bb8cc9b598298f"
age
478288
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
W1WpuAIPW8wxdzMat4YYq90hGmvy0tC4kMUtd1pvbwBCo9crXtElpA==
x-amz-id-2
0K3GLzjh9NWXd7FWB9HjPj6dBUVfqqidtNOU3oXN4Ea065tmUye464CLiWVBTw5tWi5pLEO7EnN6sHwnHp8yRQ==
381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
www.file.io/ 		117 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 19:12:34 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
NR7EZAG1W22M4M91
x-amz-cf-pop
SIN2-P2
etag
W/"9c41c9970ebc8fe4c98c8f02b631cd07"
age
308425
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
au2u40fYJ0VTuDZhxfxPVn9fxDBX3Nc31sY8wFJFB38vROqB0WZe_Q==
x-amz-id-2
SH7Em5+9Ui77r8rCb40ox7sMQALTg4v3TrSuMgO6TTga8cS/PjUIxeQKJpk1HqYUAiRQXOEU/Hs=
a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
www.file.io/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 19:40:50 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:37 GMT
server
AmazonS3
x-amz-request-id
3TD7XWBRH2ZKGEHK
x-amz-cf-pop
SIN2-P2
etag
W/"2b921aab089ea83ec7bb825f970e0b68"
age
479528
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
b7d2ZyFD9q845Ig_q055VuLJh09DgeDDep7c6-LUnSo8ApypRLoQhQ==
x-amz-id-2
n4jVCEXCZEbaqdex3HSx3mFNMy9yQnbfWcE4C/rW/6c9UzFFv6GnllD5iw3roUI1pDCb/sKDGqk=
6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
www.file.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 20:02:48 GMT
content-encoding
gzip
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:36 GMT
server
AmazonS3
x-amz-request-id
H0FCMPD8P71G5FBP
x-amz-cf-pop
SIN2-P2
etag
W/"02f76c7d444e6eab701d07bea36dfd50"
age
737411
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
9PNVeLKyJ8cLerZTu4O1um6_AFejoGvFCid0_QGUB1SrXAUr1EgPBA==
x-amz-id-2
za3y1WDTpXzWaABN0PXhx2R7ylOZEgw/WZPrAW5Lk2vZCz6N+PkdWXEFnKQpzoRa9zLqoQng9B4=
ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js
www.file.io/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 19:09:39 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
G1G9GRZ1HN89EY2S
x-amz-cf-pop
SIN2-P2
etag
W/"83f8c9e26a69db93869cfcef32de2315"
age
1086200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
IMfYOC4y9vG2zmvYkTo2eGMjj9RA8XGF0yDwrvN6p2AH9BcTaf9cfA==
x-amz-id-2
nfj6tQLCRfRQKdesUBIiGL+b+JTJG5aReKcWmYGDpG+eV8uolNQehc33lB6i06pdjxjyz6jSA4Q=
e98b170d240584cc273f592e36a9137245db2ee9-601e8117f7a01666c5d8.js
www.file.io/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e98b170d240584cc273f592e36a9137245db2ee9-601e8117f7a01666c5d8.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d30d2c565bf5a7c183be7055573eb2fa29b73426b924f21018aef4f320eb7974

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 20:12:11 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
AREW9DBVMS6BZ60P
x-amz-cf-pop
SIN2-P2
etag
W/"77557173bb9dcf452d03d3a95e38f07f"
age
4624848
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
OKzXS8g6FvJMLSoxhQUabxFn3U4UaCxWsGUvcbpxSXvPu084KnAXbg==
x-amz-id-2
Xq3wg+AR4BfVEsGoXWS1U/Ov7nCUAFhQPbH3PPcI9iM5cxKRkbUpJbYwLt5Yh7w8G3Nz1UhBHgE=
03f9af1d91ffaa672a221f7c6442c75365c47a72-a407f503157eb9fc407a.js
www.file.io/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-a407f503157eb9fc407a.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ea4aac0ea23d8a2f161d7a2cdb85b1273fcc7e76f405a55a1e4fc6eb8faac0d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 19:56:52 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
K9W7S3MSPJH749NY
x-amz-cf-pop
SIN2-P2
etag
W/"a1a221271b899830c49bd8a1200b2f57"
age
4193767
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
5CsmyWXLnq30rlpVVx19LvQqistBoLEY3V7T-2nWGwhecrxXAHzFxQ==
x-amz-id-2
U2uBMCsMQkDtxotTfRSF7pXP1AvtWPIEIdeAJ+CyELX+6sHmG04cRSBsYk/Lq0y2lTDfasbFdTo=
component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
www.file.io/ 		484 B
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 19:30:43 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
B382YDPTA0BM517Y
x-amz-cf-pop
SIN2-P2
etag
"9525d851171232c1012a3a1b9795a681"
age
4540936
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
484
x-amz-id-2
e2H5SAd+TmMLTtO7a81MNxkuGYDR/p7p8Kp/JK3QS/aJmYc92fGbmt3XUHoSBDhQRxWNzKTNnJU=
x-amz-cf-id
SoMsscdBedfGIkkwjfDdTxOU5Pljjw4WgI5_znfBHqdlmLqSO8nRLA==
1655680770.json
www.file.io/page-data/sq/d/ 		447 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:42:45 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
9MT6NXFNCYSDYEAJ
x-amz-cf-pop
SIN2-P2
age
43813
x-cache
Hit from cloudfront
content-length
447
x-amz-id-2
ctruTWLv3vZi6C51IXGKJOIrcg48FrOPTZaPotjm6jcg0+RkTxbDZHzPUYOx3UZaGdWN8N19qH8=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"c839c57483bd5d788408e7fc88e7cc8d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
JbGAFrxWJ8NOoBdfg5IlT89K0ascrbWO4VY7JnqrcjBzvVlUZjHcQg==
1810866655.json
www.file.io/page-data/sq/d/ 		2 KB
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 19:37:54 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
x-amz-request-id
RB7NQM192HXEDA22
x-amz-cf-pop
SIN2-P2
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
age
47705
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
S_wImk7NkmzSRXcUcxOy7TmJXXo_peKnLhyDF1-ARjE5PoNX4V6_2g==
x-amz-id-2
0YzTi34eXOq0/aEoCvW0ABEZe1nHmtmwq4Q+AhJFIP+hRseUp3npZEKkG1QRZQe9TCL24h4yAY4=
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Origin
https://www.file.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 19:21:15 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:47 GMT
server
AmazonS3
x-amz-request-id
RH7A45DR5JPHVSYX
x-amz-cf-pop
SIN2-P2
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
age
4109503
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
324864
x-amz-id-2
9SbVAw4UryN5xKe4hiA8e6UqeN8IkxmpZn32GDJfLh+T/5A9D28hWgA+tFHo8G148xywQFwTlD4=
x-amz-cf-id
8sXZxRTATh95O_K6nW4tURAaL1qEuDFkuLBnubpuwl2W8kCnRAzkMA==
metadata
file.io/0hpSPhnEIKmH/ 		525 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://file.io/0hpSPhnEIKmH/metadata
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-10-85.compute-1.amazonaws.com
Software
/
Resource Hash
2bbcd7df67e16e3cea4ea63092724a0fb5a9cb1591f4dcf15eb45334be8df9bf

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:52:59 GMT
etag
W/"20d-U7o+RyXXqMnKiYadkE2tz7axG58"
x-ratelimit-remaining
7
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
x-ratelimit-reset
2023-02-28T08:53:00.621Z
x-ratelimit-limit
1
access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
content-length
525
retry-after
1
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=334022284&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&dp=%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&ul=en-us&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1971147224&gjid=917637465&cid=1616842533.1677574378&tid=UA-65658019-1&_gid=899631946.1677574378&_r=1&_slc=1&z=32157206
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:52:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
content.html
hb.vntsm.io/ 		32 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:00 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
VZZC1NCS4Z2PKRRJ
content-length
32
x-amz-id-2
kJIO6AaMLRrv6d4jdlUkXaMb/XNfmvv6XtLRkOrimhhI/ROq2+bt4CZruDHYfeTjgRvitt2qukA=
geo
AU
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a07ed5ebab85569-SYD
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/ 		39 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.46.68 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-46-68.bunnyinfra.net
Software
BunnyCDN-SG1-868 /
Resource Hash
139b8a2ed51afa8e3ccc51360c7f06124aaae6fa467010dd7d2d468c45650025

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:52:59 GMT
content-encoding
br
cdn-edgestorageid
868
x-amz-server-side-encryption
AES256
cdn-cachedat
02/27/2023 14:44:17
cdn-pullzone
131999
last-modified
Thu, 23 Feb 2023 12:23:18 GMT
server
BunnyCDN-SG1-868
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"9965479c23f15172d39d63b9e23cd3bf"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
2486c0aff4d04a1b18600003d19557ac
cdn-requestcountrycode
AU
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-65658019-1&cid=1616842533.1677574378&jid=1971147224&gjid=917637465&_gid=899631946.1677574378&_u=aEBAAEAAAAAAACAAI~&z=569424580
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 28 Feb 2023 08:52:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		211 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
04afc90111de0665453b3f792bc1112feb5ee5bad24b9e206af915941da8c300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Feb 2023 11:11:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63f47caa-1203e"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73790
expires
Tue, 28 Feb 2023 09:53:01 GMT
px.gif
ad-delivery.net/ 		43 B
927 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
464442
x-guploader-uploadid
ADPycduaLVKWwoekf9aVrON_sE5hoJXaRX68mIH_7j_43spvpxfQl-8LDrhND9l2yzjxAsaYtG_6AClwV_pEIvfcvYtG81SoobxI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdZsQjD9gCaSqHBIjx0cc9BT0GqxQHpgLbOPK0xXY7frFj5tlplL1eTPC7wJe0UvDGi3mUW3gnNZjrOkDEFDrlQ9jgVmWzRRAE9JFAH9i625F3V%2FqlJr73veOPd4boLGdg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7a07ed6529e6dfb3-SYD
expires
Thu, 23 Feb 2023 00:18:25 GMT
script.js
d1oykxszdrgjgl.cloudfront.net/ 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.70.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-70-99.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf9e552fd6c3799fc2eeaef25783cc960092a60ed52e108517c987fbb0e0b18f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
tRu9vrhF_4jyDhGzg81HqzQF00JTzdR7
content-encoding
gzip
via
1.1 1c20fd4ecd6ab2f80432e8e32dafb792.cloudfront.net (CloudFront)
date
Tue, 28 Feb 2023 08:43:57 GMT
last-modified
Mon, 27 Feb 2023 19:03:24 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
543
x-amz-server-side-encryption
AES256
etag
W/"2b547476bc33f89891e3adef3da4f710"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
xs8IvEGG643O0x_8EiJUSNGuWQxu4h5gxT66bpAFu0ufzWHtArBDeQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
c18ec9b0ab550675bd8c55e5fdf1306cc21c053ae68843ff2c7772c010896f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26846
x-xss-protection
0
server
sffe
etag
"1496 / 18 of 1000 / last-modified: 1677539157"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Feb 2023 08:53:00 GMT
localstore.js
script.4dex.io/ 		483 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
990238
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i87KB%2F8j4%2BCs5RFF1I%2FebkAmoKGVVkv5pciXb90xsHWKHNggwTtkYNp3h51SMJsryLeFh2fw5VdTBh2ssPuAZgDbfHbUXj8xbwTPDrx8hE1OoELLcxFl6jfUa6tEpzP3"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7a07ed68fdcda95b-SYD
prebid
ib.adnxs.com/ut/v3/ 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
313b70510efaff4da4361a9c49c12046274ef1d9949f6fa97add685f7e6e2343
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:01 GMT
AN-X-Request-Uuid
0c129a50-48a4-45f3-b2da-9b70aaf07408
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.189.210 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-189-210.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:01 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bf2dd31df32a13a0c122ce7ba2c6bf622b7d6e85b6bc17a8410ce5456d05bd48
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:01 GMT
AN-X-Request-Uuid
d632a861-4d3f-4538-9cb0-dd134d626b68
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		871 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
9a987eec9fa260f4b33c4ec12eac25bb25876162a654942ed06605e77b3a1cec

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
48131a91acd22a3eb704e78dff1b31c7b6de5006b1871e3d5a196394410fcc12

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		584 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
60b292d46f0f5b8994adc2fa1e0034a46e7331ff1e525d5a9e9cef154910684f

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:00 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
109
content-length
302
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4852bf17c2c7d1720a1f959c0f459a003d46807d0f50bb1ae21974fde3aa1f41

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=%208a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
78fb6d6d560b30861e9903beae2f71a4a5f8011a4841fb0095f0ca67be52831a

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b8aec94bcbb5cb4ce81212c5327961f99dc4573c32d09a7e7582e0797a605aaf

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
565fba6e6a6417af5fbd1da6277955d16e0f063a350e477d78cbdbb46dc3d03f

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ed0c46b641529da7143ecf81c8b256ab3924cac80b23c18529aa8fb666afa709

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b0840a1f1ab455814832e0bef5ba160a49ae6678a07f98046114163dabe1c6b1

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
13339c98360f911cb2ffc6697ce70077e73b8213d11e072631d03792354e4696

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
edbbb2f59567559a89f217b32e46c1d45f462129a171d8046d86b3d1110f34a2

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
trinity.json
apex.go.sonobi.com/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22324be86b015cf98%22%3A%225c3986d1c2b45d45777d%7C970x250%2C970x90%2C300x250%2C728x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&s=38deaf33-9b49-4556-8d61-e597622d005b&pv=8652c3d7-c6f1-4e84-b05b-cff429e00190&vp=desktop&lib_name=prebid&lib_v=7.17.0&us=8&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22cec81673-f2f3-4075-b0a5-6bbd85203e2f%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cec81673-f2f3-4075-b0a5-6bbd85203e2f%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
9c888355c2877dafece800a73ee67c11e05ef90d384f015e82b175f07d629b0b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:01 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-79
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
637
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.45.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-45-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
75903ebd0e23e2661e98e831d3c20da38589835ef1443175d4b9335c92fa77e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
10
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.251.78 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-251-78.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:01 GMT
accept-ch
sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:01 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
28867FN4ZZX03V9B
Age
419867
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
MoL2TRHwOn8o+nIZ2zpAnuLacuLpt7a5/QR3ypPnSM+1nnXCwsq/PinNrlaTCyzpVUUkfy7hopw=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG8g8%2BI8pw%2Fx4kSwjHO6Fvtr%2B9a2ZGmez6EGhC0LcHSk49YNn3yt%2F5XvbdNhvalQ9qK9WBtkKrcaKWDwbvrzi3KwlFO1dFW4Xd9Lqym9g1TQP0o2afZinB64Rl%2FHzjg8"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
7a07ed6aff85a947-SYD
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 28 Feb 2023 08:53:01 GMT
server
nginx/1.21.6
via
1.1 google
pubads_impl_2023022301.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 22:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
382017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132695
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 09:36:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Feb 2024 22:46:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
459793b7785aeed13fe7c7985c32fa2811205bdd22e1283536aecc40ebcc471d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
457
x-xss-protection
0
expires
Tue, 28 Feb 2023 08:53:01 GMT
spt
tg1.aniview.com/api/adserver/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=4dd5e1c8db5791b85c4d6864add24906&AV_PLACEMENTID=6373750d98fb531abee85ae5
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
07f9fa6fcbfafd8f84bb49e24ce194a8e0d1b07d6c79b2c84768a3e3bc04cf13

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
gzip
x-hw
1677574382.dop207.sj3.t,1677574382.cds103.sj3.hn,1677574382.cds095.sj3.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
content-length
6206
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
a287464609ebcb8a58b57af1942b59833e8d39e0aa924570459be87b919de017

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2246a5ad225837fea%22%3A%225c3986d1c2b45d45777d%7C160x600%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&s=c19a452c-4229-4878-aa70-dfcea0ffdfdf&pv=8652c3d7-c6f1-4e84-b05b-cff429e00190&vp=desktop&lib_name=prebid&lib_v=7.17.0&us=8&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22cec81673-f2f3-4075-b0a5-6bbd85203e2f%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cec81673-f2f3-4075-b0a5-6bbd85203e2f%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
546e5b87fa2f69d793cc8892a620aada669ff515ea68579b8d0483cd3aea091b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:01 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-50
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
636
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		584 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8b170a0287ee94bc842446e3fcc27fea3016a083d8fc5fb48d6a645d14251921

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
133
content-length
300
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e272ea102a2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b9957be3b1f6dc693869394177647cef368fd9999cf4f9f22c0eb86307c8f63b

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:01 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
pb
ad.360yield.com/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.189.210 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-189-210.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:02 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ea08a18ec56cc85f8053f3fc5b8df2ee9b608c6f3e51213a8fb2d0447a853142
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:01 GMT
AN-X-Request-Uuid
7129b3a4-e114-40f2-acfb-57d2bba744ea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.251.78 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-251-78.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:01 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166373918727466&correlator=1732955005897675&eid=31072020%2C21065725&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=394511061&didk=996279706&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677574381750&lmt=1669217203&dlt=1677574376547&idt=5160&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1616842533.1677574378&ga_sid=1677574382&ga_hid=334022284&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c0b4a454a99cb286c9581ce9b437ee1dadfeff87bc7147c351fff0adce60c304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
594
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e0dae399853e65bb82a06ad77373286238a676171314ec762b50f13fb8796ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12516
x-xss-protection
0
container.html
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1464 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 08:53:02 GMT
expires
Wed, 28 Feb 2024 08:53:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023022301.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023022301.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
7f6bb4b03a78640219127af6919938631175b162fd6801a35cdfe0ace3e41d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 09:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13783
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 09:36:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Feb 2024 09:32:04 GMT
page-data.json
www.file.io/page-data/developers/ 		0
647 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Origin
https://www.file.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:13:14 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
NJ1C4V189H3051N9
x-amz-cf-pop
SIN2-P2
age
16787
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
UlBZPSu1WpOMY1Ao80fHcSdt/aD73Yb+Huv4yLQAyUvqGpDb3FnTFnxLIPFwe4Z1aYKUYfh9gN0=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
HrT5guAQlJt2H2s3_rPYlnESr0DWjy0VePWcn5ST5PpWGZUfH1cpwQ==
page-data.json
www.file.io/page-data/index/ 		0
649 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Origin
https://www.file.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 00:21:06 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
CZ8W7RN45V01X69Q
x-amz-cf-pop
SIN2-P2
age
30716
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
yRV8FHQRlFEAKgnsSyxvo2xShwA8pvLBGTnAf/YO3HjbcZsjrl2lnbQDLT1U5LcN6yEOSQdb4QUWI6m8KZOu4g==
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
HZnSK2EFIKVMT9AwNgRY-jjH-caO9nDLD7BRoYRANjfQo6mOc53EdQ==
page-data.json
www.file.io/page-data/login/ 		0
629 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Origin
https://www.file.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 01:05:48 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
VYF24QTCSS28ZTCA
x-amz-cf-pop
SIN2-P2
age
28034
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
V6FNi/qM+qF62z/WpQMiE4rbIhfVBFQmFyEyMEj/2u/cj7H3dt08wRGPKtObTmKReKMH3DbDTly3QfjjfrTCAg==
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
mll9xMJfIPhT1mCRwYAnwJ-rIt5pmtdNm2Qg1bUrFtMYtvDM9Cg9Ng==
page-data.json
www.file.io/page-data/plans/ 		0
625 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Origin
https://www.file.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 07:42:01 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
XWYWVGCE97AHK6QZ
x-amz-cf-pop
SIN2-P2
age
4261
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
iPLvcncNMGA24OEXhCIJ/LBs8AiIROuTR+BZsrDDor7Xq1GnhLU6bIjZyasF0BO+kbxCidMwIB0=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
HZRFNCiDpMb0vtoIDDUg3B1ScMz80ppuT20aGbN9vK--6ZWPaTO9SQ==
page-data.json
www.file.io/page-data/index/ 		154 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 00:21:06 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
CZ8W7RN45V01X69Q
x-amz-cf-pop
SIN2-P2
age
30717
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
yRV8FHQRlFEAKgnsSyxvo2xShwA8pvLBGTnAf/YO3HjbcZsjrl2lnbQDLT1U5LcN6yEOSQdb4QUWI6m8KZOu4g==
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
wXC9M-kAsvjfJ-ggynQtTBA9MQC7HVT_Y3BxqV_Hu5J4l9poujsfxA==
page-data.json
www.file.io/page-data/developers/ 		163 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 04:13:14 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
NJ1C4V189H3051N9
x-amz-cf-pop
SIN2-P2
age
16788
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
UlBZPSu1WpOMY1Ao80fHcSdt/aD73Yb+Huv4yLQAyUvqGpDb3FnTFnxLIPFwe4Z1aYKUYfh9gN0=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
ZXNzO41dIFwJRXMie18zor9XaUovLQCQmr61HjsNXUX7IwvPnBKbLg==
page-data.json
www.file.io/page-data/plans/ 		141 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 07:42:01 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
XWYWVGCE97AHK6QZ
x-amz-cf-pop
SIN2-P2
age
4262
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
iPLvcncNMGA24OEXhCIJ/LBs8AiIROuTR+BZsrDDor7Xq1GnhLU6bIjZyasF0BO+kbxCidMwIB0=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
JsZjJYTdjstty3gkDHNt6b8TrfnU6lmkFXGczXp6oLtu-EfQu7HTJg==
page-data.json
www.file.io/page-data/login/ 		135 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 01:05:48 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
VYF24QTCSS28ZTCA
x-amz-cf-pop
SIN2-P2
age
28035
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
V6FNi/qM+qF62z/WpQMiE4rbIhfVBFQmFyEyMEj/2u/cj7H3dt08wRGPKtObTmKReKMH3DbDTly3QfjjfrTCAg==
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
lhBSNLHZGtE123LyHs-N1A4pz0TCcX2-w18KfifcNkBQZIubiDBVCQ==
1
mc.yandex.ru/watch/90916604/
Redirect Chain
  • https://mc.yandex.ru/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D...
  • https://mc.yandex.ru/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%...
435 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A4812%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1064093290175%3Ahid%3A199560120%3Az%3A0%3Ai%3A20230228085302%3Aet%3A1677574382%3Ac%3A1%3Arn%3A473209007%3Arqn%3A1%3Au%3A1677574382721367189%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C405%2C1122%2C840%2C958%2C0%2C%2C13%2C0%2C5204%2C5204%2C0%2C3345%3Aco%3A0%3Acpf%3A1%3Ans%3A1677574374052%3Arqnl%3A1%3Ast%3A1677574382%3At%3ADownload%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
4d009a4452039d36976c1fe64f297c02ac17eb820a320de6cd6c2c9f6ea3bf1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 28-Feb-2023 08:53:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Tue, 28-Feb-2023 08:53:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:02 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28-Feb-2023 08:53:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asm0eap24cmhk4ozkpnx0n%3Afp%3A4812%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1064093290175%3Ahid%3A199560120%3Az%3A0%3Ai%3A20230228085302%3Aet%3A1677574382%3Ac%3A1%3Arn%3A473209007%3Arqn%3A1%3Au%3A1677574382721367189%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C405%2C1122%2C840%2C958%2C0%2C%2C13%2C0%2C5204%2C5204%2C0%2C3345%3Aco%3A0%3Acpf%3A1%3Ans%3A1677574374052%3Arqnl%3A1%3Ast%3A1677574382%3At%3ADownload%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 28-Feb-2023 08:53:02 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Feb 2023 11:11:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63f47caa-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 28 Feb 2023 09:53:02 GMT
get
feed.avplayer.com/backend/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=611a1881cd22c87dcd063d22&AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.56.245 Osaka, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-56-245.deploy.static.akamaitechnologies.com
Software
istio-envoy / PHP/8.1.16
Resource Hash
e66a30680f5771e6e79fffcc5bd2f07335a6f9ad7246bbe384b9cbbd6bd4e5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-powered-by
PHP/8.1.16
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
20
content-length
783
expires
Tue, 28 Feb 2023 09:53:03 GMT
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
x-hw
1677574382.dop215.la3.t,1677574382.cds260.la3.hn,1677574382.cds032.la3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1677574382266&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=IntentIQ&d66=7&e=playerLoaded&cpid=611a1881cd22c87dcd063d22&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.57.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-57-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
component---src-pages-index-js-6f342476ad3d7376370b.js
www.file.io/ 		0
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-index-js-6f342476ad3d7376370b.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 19:50:20 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
W5K7K6FHMQ0ZEVE2
x-amz-cf-pop
SIN2-P2
etag
W/"a815a80bb57be2461e02b661e195f1f8"
age
133363
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
dM1QwfZ9KEM07lBl5y0IyTndpYOPbGCRozjJddFi9AVxSqIW0eGd_A==
x-amz-id-2
76usaULhfQKF1OX6h49G1jTUulzd7wvTAjW1vRze45XCsZoaZKIZgrB/IKcI9XCC0yhl6y0iC80=
component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
www.file.io/ 		0
169 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 19:16:48 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
8855CB5CY2CQ4M2F
x-amz-cf-pop
SIN2-P2
etag
W/"80a59b6f64d0402abb9842573879e8fb"
age
135375
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
xcWFlpquSVftfJOZtJBZDh77a-XtMopvweMTJiDC_CYUozC4WS2Ttg==
x-amz-id-2
kIhHlwm98PJ1yYN/WIlRgjBu8MhpQMk3FOo2k4UjLndPzH0niT0T/JlDf76ViaPbiTVy7L/PSIU=
component---src-pages-login-js-4334d2f9cc13bc6425f6.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-login-js-4334d2f9cc13bc6425f6.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 19:39:09 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
RKY0K9FVESEHP7AH
x-amz-cf-pop
SIN2-P2
etag
W/"5846b26616c0b2bb2d33c186d91ddb78"
age
4281234
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
o0v0oOiIEcF4OzKRZ15b2DwahxiMPxNSl-1M1YsR0xFW8H-79mrAew==
x-amz-id-2
E9ex23TrU2iQRp6jEGWV5VcHEBe0E7fC408NeuIJX6c3oX/KsXQDdd1h6OfktkP1FP8wjudz53w=
component---src-pages-plans-index-js-4d7d70651af058699199.js
www.file.io/ 		0
965 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-plans-index-js-4d7d70651af058699199.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 00:31:41 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:42 GMT
server
AmazonS3
x-amz-request-id
XXRHPB0736DC2E7V
x-amz-cf-pop
SIN2-P2
etag
"66b96715a5faba1158fa14385302dc0f"
age
634882
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
473
x-amz-id-2
PLbJubBvsW7R+H81uQ51AN+hL2Bb2Bb7fnFLB7kkd63G0sB+bWFd9iEZFOtCreAdGkMyLETXZB30apAlr9ytlD1FcqSn+W0m7Mj2c9cutIk=
x-amz-cf-id
ePzo_aUp3Z9J839yqfZSEy_4NAMoKbTh0MNloMfD3SRQIxr9HSvlUg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 08:53:02 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166373918727466&correlator=1732955005897675&eid=31072020%2C21065725&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370d898fb531abee85aab&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C336x280%7C970x250&ifi=2&adks=1682134090&didk=1404112648&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D637370d898fb531abee85aab-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a5712cd-v7.17.0%26pg_ld_id%3D675b41c29ecbffe0340663151a28f938%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370d898fb531abee85aab%26co%3DAU%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-02-23%252012%253A23%253A16%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D5eec0155d885b6dd43bb1d679b2539a4%26bf_br%3D23100000%26af_im%3D23100000&sc=1&cookie=ID%3Dc7dc29e9685967cf%3AT%3D1677574381%3AS%3DALNI_MYdo4SzkloN7vTjLovWY8yUrq8dQw&gpic=UID%3D00000bce201e176d%3AT%3D1677574381%3ART%3D1677574381%3AS%3DALNI_Mbr8cWPRsQXeNs0tLE5KMBfEdvKVQ&abxe=1&dt=1677574382627&lmt=1669217203&dlt=1677574376547&idt=5160&adxs=436&adys=993&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1616842533.1677574378&ga_sid=1677574382&ga_hid=334022284&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
bc567154ccb8ee5a485208118eb8aacf221240acefa17b1d492325fe206a416e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15710
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166373918727466&correlator=1732955005897675&eid=31072020%2C21065725&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370bb889c301e8e7ad53d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C970x250&ifi=3&adks=1730059992&didk=632355589&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D637370bb889c301e8e7ad53d-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a5712cd-v7.17.0%26pg_ld_id%3D675b41c29ecbffe0340663151a28f938%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370bb889c301e8e7ad53d%26co%3DAU%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-02-23%252012%253A23%253A16%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D5eec0155d885b6dd43bb1d679b2539a4%26bf_br%3D23100000%26af_im%3D23100000&sc=1&cookie=ID%3Dc7dc29e9685967cf%3AT%3D1677574381%3AS%3DALNI_MYdo4SzkloN7vTjLovWY8yUrq8dQw&gpic=UID%3D00000bce201e176d%3AT%3D1677574381%3ART%3D1677574381%3AS%3DALNI_Mbr8cWPRsQXeNs0tLE5KMBfEdvKVQ&abxe=1&dt=1677574382634&lmt=1669217203&dlt=1677574376547&idt=5160&adxs=436&adys=263&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1616842533.1677574378&ga_sid=1677574382&ga_hid=334022284&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
4aa4bfe78145796fb71803e6f64f78c7878792e999e967c47ee7afcabe7553a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16137
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		326 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166373918727466&correlator=1732955005897675&eid=31072020%2C21065725&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373734998fb531abee85aca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=4&adks=395328344&didk=1786973171&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D6373734998fb531abee85aca-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a5712cd-v7.17.0%26pg_ld_id%3D675b41c29ecbffe0340663151a28f938%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373734998fb531abee85aca%26co%3DAU%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-02-23%252012%253A23%253A16%26ta_si%3D160x600%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D5eec0155d885b6dd43bb1d679b2539a4%26st_ty%3Dvert%26bf_br%3D23100000%26af_im%3D23100000&sc=1&cookie=ID%3Dc7dc29e9685967cf%3AT%3D1677574381%3AS%3DALNI_MYdo4SzkloN7vTjLovWY8yUrq8dQw&gpic=UID%3D00000bce201e176d%3AT%3D1677574381%3ART%3D1677574381%3AS%3DALNI_Mbr8cWPRsQXeNs0tLE5KMBfEdvKVQ&abxe=1&dt=1677574382718&lmt=1669217203&dlt=1677574376547&idt=5160&adxs=45&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&frm=20&vis=1&psz=160x270&msz=160x250&fws=4&ohw=160&ga_vid=1616842533.1677574378&ga_sid=1677574382&ga_hid=334022284&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
32593a95433be5f659a20d0b41ba5d8b870016a03cbd7dea8441dd844f1ccc69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6660 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
86659
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 08:48:44 GMT
expires
Tue, 27 Feb 2024 08:48:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4849 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
GSE /
Resource Hash
d6a3cc01a5f5b8317e560bb24554479345c0c799b3a95e006b9876a1a709d99b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4nCExWsLNMPEpxj3nS30Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4nCExWsLNMPEpxj3nS30Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 08:53:03 GMT
expires
Tue, 28 Feb 2023 08:53:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
pagead2.googlesyndication.com/bg/ Frame 6660 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 14:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
585717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14306
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 14:11:06 GMT
container.html
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CADB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 08:53:02 GMT
expires
Wed, 28 Feb 2024 08:53:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		251 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
ctrack
track1.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cpll&cb=1677574383519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.146.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-146-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		33 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=63036f5d074d1b2c0e033ce5&AV_TEMPID=634810e43259c149ba2da227&cid=63036ec4493ff651bf36c244&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
x-guploader-uploadid
ADPycdt3y2zo7hLVmMVjNlvzKdZNLwltavD1wr4n3N8J66Tvf17BdP34CdMbozvf2uP_3_nCEMYrvlqCLU--OB8HtFkBFcYCCJQx
x-goog-storage-class
STANDARD
Content-Range
bytes 0-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
16354257
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1677574383.dop215.la3.t,1677574383.cds260.la3.hn,1677574383.cds277.la3.c
x-goog-stored-content-length
16354257
accept-ranges
bytes
AVmanager.js
player.aniview.com/script/6.1/ Frame A37C 		450 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
add129d75bcc0c975d5dfbfbd7504c73294e1b967bc16c3f102a11ff394853fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 07:09:48 GMT
etag
"1677568188"
x-hw
1677574383.dop207.sj3.t,1677574383.cds103.sj3.hn,1677574383.cds217.sj3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
123981
adview
securepubads.g.doubleclick.net/pagead/ Frame CADB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChWhr7sD9Y8DsLo3QowPo3pkgrNf98GS09qiT4gvAjbcBEAEgAGClgICAkAGCARdjYS1wdWItNTc4MTUzMTIwNzUwOTIzMsgBCeACAKgDAaoEuAJP0Fpg3MH1DPXlfg7uCezGClQYrNQtvapjqfh-f95LeOH9kMrrjLR6GQrlvMkDRkawiamcq_7tyKEXMPOOq0_tmg2pAK47cYZXbnlZYPjkqpFSYUMprHIuhAut423JG7KhxOQv0J9rFd3KpEKmabgtiaCcMg4SnMonUtpsAPpzr6tbOMcnndMLZuKluF46gE0svja_O-JL3tZXfjuzMsv6f2labaRfQ5_4VBmytnovAn8HrsVvnh54YC5WEOeSzHX1AB-l7LoHA3ywt8DqrkqGtsxr1Dff5PjdVoJLA3f57i85l2Doz_8c6eCC0_SDo4e5rk_qBldMb-OyEtcNVH1XmHa616FztDZve_eIuAOmJVJBKSitBg990HGXtPMNarLfmqUbxEizk5pjheUvTVq6KslsSk6gY8rgBAGABtKa0Y6JsdS51AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=cZSwgy8PH14&uach_m=[UACH]&cid=CAQSPADUE5ymBYD55x9zVakqKQm2-7Mfq786kR7pv9SDcgS9f4jeRFKLbwWPCcQmz145mPrhsuw85j6oziqzNBgB
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
log
hblg.media.net/ Frame CADB 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=d8c76fc2ab044ee4a0eed077fcfb837e&bidrestime=1677574382910&cbdp=0.26&ogbdp=0.26&prvReqId=25551993851981_995920787_52982010413131&pvid=313&scrid=1700080812610100970025000000500&size=970x250&slotVisibility=2&viewability=86&app=0&cc=AU&cid=8CU3SX34C&csip=rtb-common-istio-568b4566f8-gfnq7.SG&device_id=4&dn=file.io&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&dtc=apac_sg&zone=b&commit_id=af8d5bf8&ugd=4&ctr=0.0&rme=nurl
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:04 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 28 Feb 2023 08:53:04 GMT
log
qsearch-a.akamaihd.net/ Frame CADB 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=&app_type=&bdr_typ=1&ogerpm=0.26&dn=file.io&stid=&other_prv=313&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.177+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=d8c76fc2ab044ee4a0eed077fcfb837e&req_id=W-vGZZIsMh0FeQaQJtggwQ&bidfp=0.2500&pvag_id=&ugd=4&zone=b&infl=&o_ver=NT+10.0&br_ver=110.0.5481.177&exp=&deal_id=&ver=9.2.0&totalTimeBucket=1&visibility=2&fdbk_id=&second_bidder=*&totalTime=1701970&e_rpm=&dmm_m22=0.2600&gpid_format=&gdpr=&vsid=&seat=BID_API&rc=-1&size=970x250&f_seg=&prdp=&gpid_sent=false&ogerpm_used=false&sfm_key=&cid=8CU3SX34C&bcrid=1700080812610100970025000000500&ogcbdp=0.2600&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.86&rawbid=0.26&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=NSW&send_erpm=false&pst=EMS&sd=1&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-common-istio-568b4566f8-gfnq7.SG&adblk=1682134090&ugd_ver=&requrl=file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&itype=adx&pvid_seat=313_BID_API&bidrestime=0&cc=AU&strg=smm_migration_test&ss=&cliIP=0&advurl=topics.businessfocus.online%2F&crid=529820104&time_stamp=2023-02-28+08%3A53%3A02&sat=1&rvshhon=&bdp=0.2600&br_id=265&ct=beaconsfield&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.0&sc_pvid=313&capd=&asn=54203&algo=&other_bids=0.26&dc=apac_sg
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:04 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 28 Feb 2023 08:53:04 GMT
nmedianet.js
contextual.media.net/ Frame CADB 		166 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f314d6f82089e2213c9c6d82a0391409227d753d7be5d97a661e59f642a515a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-mnt-h
22-g05m
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 28 Feb 2023 08:53:04 GMT
server
Apache
etag
"c7fbf8e6268a756c51e210e5a176f798"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ncm2
timing-allow-origin
*
expires
Tue, 28 Feb 2023 08:58:04 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame CADB 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 28 Feb 2023 08:53:04 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=18472
access-control-allow-credentials
true
content-length
62892
expires
Tue, 28 Feb 2023 14:00:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame CADB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 23:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
35497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 23:01:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame CADB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
43451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 20:48:52 GMT
l
www.google.com/ads/measurement/ Frame CADB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZqm3hrlht6st-H7I16lN7LTsFVDJ85DTdLLgqSFuPzIbuIpdOtjqHkGoq9AxJmwQf_PXLGFkn3Jy5L5wJvnVQFQoYsg
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CADB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
492406
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 16:06:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CADB 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 08:53:04 GMT
generate_204
tpc.googlesyndication.com/ Frame 6660 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IRXpAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4849 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=3166373918727466&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
container.html
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48C2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 08:53:02 GMT
expires
Wed, 28 Feb 2024 08:53:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		131 KB
131 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=63036f5d074d1b2c0e033ce5&AV_TEMPID=634810e43259c149ba2da227&cid=63036ec4493ff651bf36c244&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
UploadServer /
Resource Hash
e19a30d7d8b2a0a2d1b061e0d63cf287ed9df54c77d521548783a0d21f37eb46

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=16220160-

Response headers

date
Tue, 28 Feb 2023 08:53:03 GMT
x-guploader-uploadid
ADPycdt3y2zo7hLVmMVjNlvzKdZNLwltavD1wr4n3N8J66Tvf17BdP34CdMbozvf2uP_3_nCEMYrvlqCLU--OB8HtFkBFcYCCJQx
x-goog-storage-class
STANDARD
Content-Range
bytes 16220160-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
134097
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1677574383.dop215.la3.t,1677574383.cds260.la3.hn,1677574383.cds277.la3.c
x-goog-stored-content-length
16354257
accept-ranges
bytes
adview
securepubads.g.doubleclick.net/pagead/ Frame 48C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cgnb778D9Y5CFC5LE1Ab01pvoDKzX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLICT9BVEqmyMGRJhXp_p0Qe_bD9cTG40YFmB9DxgVMIkMpBvKfweNp8yPm-EEIhGxW8tsBJNSE4nN9L-LeZiudzktoWGuc2ZJx87ETfKnB2f3w-BL62SnC5LXQ3ytUwExbQi3zpyupVzgYihQhRd8HO62N7LgT2gNtJoy3KoU0acJebE_ZUAsjKicMtv-4yk-L2f1M_5bMSp4oiopyveW3_BruuAbuXJ-WThBagK88ixjB_RG4yjMoAzwoJbryqqu20CLS9PgLNatMDsGQB0atzMZ0BsynqQy2_bUvwUbyigVJnXhBoQ9FHkowc2YopMJ2XaUw8xQX_lYeSOApTReEcBTXGCH1zEnkXBTCWKNiAjD6eUa40AWJhuvGGZzuvRZBeo0Rit1p9nvFohLFreYBjGIU34AQBgAbSmtGOibHUudQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTc4MTUzMTIwNzUwOTIzMhjntm0&sigh=eLBn-m8e75Y&uach_m=[UACH]&cid=CAQSPADUE5ym8IRlBKZWuB0yGJug4NQuFTxR-0Z3C1ga_rw2L2IYciDYB8JETpvUAaTmhXBNCLyRoNqnCVRSpRgB
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
log
hblg.media.net/ Frame 48C2 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=5ce40aab538a4786b751c5363e4061f0&bidrestime=1677574383333&cbdp=0.251&ogbdp=0.27&prvReqId=40817889751342_1506373200_52982010413131&pvid=313&scrid=1700080812610100970025000000500&size=970x250&slotVisibility=1&viewability=87&app=0&cc=AU&cid=8CU3SX34C&csip=rtb-common-istio-568b4566f8-vr5cq.SG&device_id=4&dn=file.io&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&dtc=apac_sg&zone=b&commit_id=af8d5bf8&ugd=4&ctr=0.0&rme=nurl
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:04 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 28 Feb 2023 08:53:04 GMT
log
qsearch-a.akamaihd.net/ Frame 48C2 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.2700&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=2.0&adtyp=0&req_id=j7hxGzskAaiNpZ82-8ECFw&bd_m3=0.0000&bidfp=0.2500&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=63.3244&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=24&floor_bucket=0.25&gpid_format=&seat=BID_API&rc=-1&size=970x250&url_l1=k5o8&ecp_rtime=0&f_seg=&url_l2=download&prdp=0.2510&ogcbdp=0.2700&dfpbd=0.2510&server=1&ogerpm_wd_bkt=0-1&model_version=202302271014_generic_adx_1-cid_1&viewability=0.8700&dmm_r=0.0000&cut=7&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=NSW&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.25&ugd_ver=&requrl=file.io%2Fk5o8%2Fdownload%2F0hpsphneikmh%2F&bidrestime=1677574383333&cc=AU&strg=harmony&ss=&current_hour=8&time_stamp=2023-02-28+08%3A53%3A03&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.2700&ct=beaconsfield&akey=&mnckfl=0&asn=54203&bdp_bucket=0.25&algo=default&dc=apac_sg&splid=&erpm_mult=1.000000&dn=file.io&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.177+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=5ce40aab538a4786b751c5363e4061f0&zone=b&infl=flr&o_ver=NT+10.0&br_ver=110.0.5481.177&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.2.0&totalTimeBucket=5&visibility=1&totalTime=5891689&dmm_m1=2023-02-28+08%3A53%3A03.337729935&e_rpm=0.0000&dmm_m22=0.2700&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100970025000000500&rawbid=0.2700&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-istio-568b4566f8-vr5cq.SG&dfp_bucket=0.2&adblk=1730059992&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=5&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.27
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:04 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 28 Feb 2023 08:53:04 GMT
nmedianet.js
contextual.media.net/ Frame 48C2 		166 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e703cc3f00ebdbe78e490c36b194b8e88905b7a82aaefcc2666c323dd511db0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-mnt-h
22-g05m
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 28 Feb 2023 08:53:04 GMT
server
Apache
etag
"c7fbf8e6268a756c51e210e5a176f798"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ncm2
timing-allow-origin
*
expires
Tue, 28 Feb 2023 08:58:04 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 48C2 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 28 Feb 2023 08:53:04 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=18472
access-control-allow-credentials
true
content-length
62892
expires
Tue, 28 Feb 2023 14:00:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 48C2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 23:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
35498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 23:01:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 48C2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 20:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
43452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 20:48:52 GMT
l
www.google.com/ads/measurement/ Frame 48C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbE70ZMlQeGh9JnNzwr4TqYTn0glBa-Yevw5ovTP2giXNpEHNVVwhg5Ipjybxm9KiDARPC4qiO6X5yE2wl40VkMWM42w
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 48C2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
492407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 16:06:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48C2 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 08:53:04 GMT
track_enc
track.venatusmedia.com/dual/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.38.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-38-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:05 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/1/ 		34 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/1/?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=4dd5e1c8db5791b85c4d6864add24906&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_VIDEOURL=https%3A%2F%2Fcontent1.avplayer.com%2F5f2063121d82c82557194737%2Fvideos%2F63f7530d2bdf8c59ab0dcf13%2F63f7533bbdc449913e0a4913%2Fvideo.mp4%3FAV_TAGID&AV_TEMPID=634810e43259c149ba2da227&cid=63036ec4493ff651bf36c244&pid=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=1&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&d36=6.2.85&responsive=1&sver=4&avtoken=384473&omv=1.0.1&AV_D65=IntentIQ&clsid=ea19a9c6-1108-470d-a41b-ef127f9669e9&rando=73&AV_WIDTH=440&AV_HEIGHT=247&AV_DNT=0&cb=1677574384476&wfc=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.131.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-131-34.compute-1.amazonaws.com
Software
/
Resource Hash
d252b8e54d6e52d680b17d272077ea33356fc690acfcbe7af291229beb96dc6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.file.io
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 16 Feb 2023 19:06:25 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.file.io&sn=&ic=0&tgt=0&app=&wi=440&he=247&test=1&d36=6.2.85&apppkg=&fv=1&proto=https&d65=IntentIQ&clsid=ea19a9c6-1108-470d-a41b-ef127f9669e9&rando=73&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&e=inventory&vi=100&cb=1677574384475
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.57.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-57-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Feb 2023 08:53:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
286547
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&b=1&g=JzjmmH8UUrm4lks5ZPLtmNJm4IhABAAnwsO67AFKkZ4%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&b=1&g=JzjmmH8UUrm4lks5ZPLtmNJm4IhABAAnwsO67AFKkZ4%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 28 Feb 2023 08:53:04 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.file.io
location
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&b=1&g=JzjmmH8UUrm4lks5ZPLtmNJm4IhABAAnwsO67AFKkZ4%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ 		338 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d6e76b17161a60ecc1bd2b7381a8d0ab84d9a499e4593ecaa174d835c46993c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1415884
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
9c7cec8ed1cb161f78d9b55fbd1bbb7fd538a55678da857e5f426a0bfd3032e8

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 30 Mar 2023 08:53:04 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
sync
eb2.3lift.com/ Frame 2F87
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
6b1f78766f76bfb9c7c7161eebe06b76c3f372d5bd8b8a39174c09470287282e

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:05 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 28 Feb 2023 08:53:04 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 04A0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.199 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Feb 2023 08:53:05 GMT
ETag
"623de86a-cf34"
Expires
Wed, 01 Mar 2023 08:53:07 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D53 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.199 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Feb 2023 08:53:05 GMT
ETag
"623de86a-cf34"
Expires
Wed, 01 Mar 2023 08:53:07 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 58A3
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
6b1f78766f76bfb9c7c7161eebe06b76c3f372d5bd8b8a39174c09470287282e

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:05 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 28 Feb 2023 08:53:04 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 271F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151664
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 28 Feb 2023 08:53:05 GMT
expires
Thu, 02 Mar 2023 03:00:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 018B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.199 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Feb 2023 08:53:05 GMT
ETag
"623de86a-cf34"
Expires
Wed, 01 Mar 2023 08:53:07 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 539A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151664
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 28 Feb 2023 08:53:05 GMT
expires
Thu, 02 Mar 2023 03:00:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
iu3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EHX468BX5QZSNT2QBRMS
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=snb&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D9888360e-50d3-4507-81d4-1b3d1efc897f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F555%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526A%253D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD05ODg4MzYwZS01MGQzLTQ1MDctODFkNC0xYjNkMWVmYzg5N2Y%25253D%2526uid%253D%2523PMUID
Protocol
H2
Server
67.199.150.82 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F555%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1---%2526A%253D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD05ODg4MzYwZS01MGQzLTQ1MDctODFkNC0xYjNkMWVmYzg5N2Y%25253D%2526uid%253D%2523PMUID
date
Tue, 28 Feb 2023 08:53:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=345463fd-c0f1-4500-9fc4-78b7daf0bb82
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=345463fd-c0f1-4500-9fc4-78b7daf0bb82
Protocol
HTTP/1.1
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-17
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 28 Feb 2023 08:53:05 GMT
Server
MT3 530 4e92630 master hkg-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=345463fd-c0f1-4500-9fc4-78b7daf0bb82
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Feb 2023 08:53:04 GMT
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=528dcc40-afc2-47e6-a469-3a68e3c2c7e9
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1920574145825885534
49 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1920574145825885534
Protocol
HTTP/1.1
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:07 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-99
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1920574145825885534
Date
Tue, 28 Feb 2023 08:53:07 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=9888360e-50d3-4507-81d4-1b3d1efc897f
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&pubid=116da9d98c
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&pubid=116da9d98c
Protocol
HTTP/1.1
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-31
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&pubid=116da9d98c
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
227
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F595%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D528dcc40-afc2-47e6-a469-3a68e3...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F595%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD01MjhkY2M0MC1hZmMyLTQ3ZTYtYTQ2OS0zYTY4ZTNjMmM3ZTk%253D%26uid%3D%24UID
Protocol
H2
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F595%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD01MjhkY2M0MC1hZmMyLTQ3ZTYtYTQ2OS0zYTY4ZTNjMmM3ZTk%253D%26uid%3D%24UID
date
Tue, 28 Feb 2023 08:53:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8a30bdcf-c3f8-4df9-86fb-30348e4f56bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RWRuZXl1MDBpRDl0X3o2NEpYazZlZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAuMcMtcnuK_N3UYv4pklus&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iOr69mgMXzzW
49 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iOr69mgMXzzW
Protocol
HTTP/1.1
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-26
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
en-AU
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=iOr69mgMXzzW
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6fd944bf65-jdrx9
expires
-1
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OGEzMGJkY2YtYzNmOC00ZGY5LTg2ZmItMzAzNDhlNGY1NmJj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDmTT-FfFiG2ZHuhb_VcIe4&google_cver=1
49 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDmTT-FfFiG2ZHuhb_VcIe4&google_cver=1
Protocol
HTTP/1.1
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-8
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDmTT-FfFiG2ZHuhb_VcIe4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LEO0H4J7-1S-L4ZQ&gdpr=0&us_privacy=1---
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LEO0H4J7-1S-L4ZQ&gdpr=0&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LEO0H4J7-1S-L4ZQ&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=9888360e-50d3-4507-81d4-1b3d1efc897f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=9888360e-50d3-4507-81d4-1b3d1efc897f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=79447bea-2257-4356-b98a-218e13b7dfa0&gdpr=0&gdpr_consent=&us_privacy=1---
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=79447bea-2257-4356-b98a-218e13b7dfa0&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=79447bea-2257-4356-b98a-218e13b7dfa0&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Tue, 28 Feb 2023 08:53:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d719f6e3-4709-4897-81df-6dc1be3a6813&google_hm=ZDcxOWY2ZTMtNDcwOS00ODk3LTgxZGYtNmRjMWJlM2E2ODEz
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECItuqgxPYiQCHqxaziY7aU&google_cver=1&ssp=sonobi&bsw_param=d719f6e3-4709-4897-81df-6dc1be3a6813
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d719f6e3-4709-4897-81df-6dc1be3a6813
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d719f6e3-4709-4897-81df-6dc1be3a6813
Protocol
HTTP/1.1
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-23
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=d719f6e3-4709-4897-81df-6dc1be3a6813
Date
Tue, 28 Feb 2023 08:53:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=adaptmx&user_id=528dcc40-afc2-47e6-a469-3a68e3c2c7e9&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A
49 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A
Protocol
HTTP/1.1
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-12
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A
date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cply&cb=1677574384611
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.146.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-146-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=63036f5d074d1b2c0e033ce5&AV_TEMPID=634810e43259c149ba2da227&cid=63036ec4493ff651bf36c244&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=32768-

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
x-guploader-uploadid
ADPycdt3y2zo7hLVmMVjNlvzKdZNLwltavD1wr4n3N8J66Tvf17BdP34CdMbozvf2uP_3_nCEMYrvlqCLU--OB8HtFkBFcYCCJQx
x-goog-storage-class
STANDARD
Content-Range
bytes 32768-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
16321489
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1677574386.dop215.la3.t,1677574386.cds260.la3.hn,1677574386.cds277.la3.c
x-goog-stored-content-length
16354257
accept-ranges
bytes
smtr
contextual.media.net/ Frame CADB 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=266701947&size=970x250&cc=AU&chnm=smm_migration_test&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&nse=5&vi=1677574384967697800&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B4xxzxNaqg&bcpf=B4xxzx8fOnRrolnfOur8Naqg&bdrId=313&bid=337525&ntv=0&matchstring=hr%3D0%7C&sff=0&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p01248961291t202302280853&essld=uhA.fHX.f9i.9~KP~Ibp~GJ1NmzQk8JjO&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&isid=313&allsc=NSW
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89e0cd9b5bf6b9054abfc063257e02657b90a8388c9a43f17b83ef77dbbbba6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-zvfl
timing-allow-origin
*
content-length
29173
expires
Tue, 28 Feb 2023 08:53:05 GMT
bping.php
lg3.media.net/ Frame CADB 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=728&&vgd_cdv=881&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=266701947&vi=1677574384967697800&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=170785150&r=1677574385035&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22Ibp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&vgd_bid=337525&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1677574384139623731&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_itype_id=17&vgd_pgid=p01248961291t202302280853&vgd_pgids=1&vgd_uspa=0&hvsid=00001677574385032029185683759810&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 28 Feb 2023 08:53:05 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 28 Feb 2023 08:53:05 GMT
checksync.php
contextual.media.net/ Frame BA60 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2b375062dc1e1ecf20d461403eec4b77528060e29e00c649b68a50f98f8668e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9544
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 08:53:05 GMT
expires
Thu, 02 Mar 2023 08:53:05 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame CADB 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4781&lper=1&itypeid=17&itype=ADX&cc=AU&cid=8CU3SX34C&reqid=W-vGZZIsMh0FeQaQJtggwQ&vid=W-vGZZIsMh0FeQaQJtggwQ&dn=file.io&rawDn=file.io&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NSW&ct=beaconsfield&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-568b4566f8-gfnq7.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=54203&sckfl=1&suid=CAESEDgsu2TTW37G2c8HYKVEcwQ&smbrid=adx-unknown&usp_status=0&usp_enf=1&gqid=AGJvddewPcC81UQ9DNKrYWw-wOX471hpHQYARsTbo84k-24_m8m0K6ro2zNLSaibP4YsxSlA&pexid=ADX-pub-5781531207509232&geoll=false&is_ortb=false&s_ip=74.125.190.138&s_city=singapore&commit_id=af8d5bf8&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-02-27+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=AU&ipcc=AU&rtttime=51&pvid=313&prvAccId=266701947&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=529820104&prspt=headerBid&prvReqId=25551993851981_995920787_52982010413131&reqsize=970x250&size=970x250&chnl=smm_migration_test&bdp=0.260&cbdp=0.26&og_cbdp=0.260&ogbdp=0.26&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.26&dt=O&dbf=1&epc=266701947&s=1&snm=SUCCESS&pcrid=8CUABW64L-266701947-9-28&tpbTkn=false&exid=31&bidflr=0.250&pbidflr=0.250&opbidflr=0.250&spbf=0&viewability=86&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1677574382910&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.26&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080812610100970025000000500&strg=smm_migration_test&vls=0&scrid=1700080812610100970025000000500&mang=1&pvdTmax=252&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250%7C336x280%7C728x90%7C970x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=bca7e990d9&acid=d8c76fc2ab044ee4a0eed077fcfb837e&rtime=29.0&wsip=mowx-istio-69c8b887cf-zzfpc&ltime=44.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1682134090&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=d8c76fc2ab044ee4a0eed077fcfb837e_1&policy_enf=2&pub_blk_enf=1&renderer=1&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=W-vGZZIsMh0FeQaQJtggwQ&supplyTagId=1682134090&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=45&debug_ts=2023-02-28+08%3A53%3A02&__expireat=1677574983163&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.26~vw_exc%3D0.86~smm_bid%3D0.26~vis_sd%3D674~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023022802~iurl_b%3D939.33~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.53~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D17~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023022802~vis_b%3D890.54~url_b%3D1.06~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D17.3836~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~smm_mul%3D1~l2r_b%3D1000~erpm%3D0.26~vl2r_url_kc%3D0E0~MFB%3DB~bm%3D1.05~smm_sd%3D2023022720~sid%3D266701947~sd%3D1~uid%3D1HeXvCo39qb6aUog8t~btd%3D68618591772838107683910631739801611482562650682741448805103037155055913736223142519613175922757632~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.44~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D66.62~vurl_l%3D20~CI%3D2857~nts%3D4~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.7~isif%3D0~lc%3D3~bid%3D0.26~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.86%7Eamp%3D1%7Ecbdp%3D0.260%7Edmm%3Dsmm_migration_test%7Esuid%3DCAESEDgsu2TTW37G2c8HYKVEcwQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5781531207509232%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D1682134090%7Esobp%3D%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.250%7Eogbid%3D0.260%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~nsz%3D4~tgs%3D300x250%7C336x280%7C728x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D252&utime=2134&sf=0&cpr=0.5829219715950249
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
max-age=3600
date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Tue, 28 Feb 2023 14:53:05 GMT
smtr
contextual.media.net/ Frame 48C2 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=266701947&size=970x250&cc=AU&chnm=HARMONY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&nse=5&vi=1677574384870591736&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B4xxzxNaq/&bcpf=B4xxzx8fOnRrolnfOur8Naq%2F&bdrId=313&bid=337936&ntv=0&matchstring=hr%3D0%7C&sff=0&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p01248961291t202302280853&essld=uhA.fHX.f9i.9~KP~Ibp~GJ1NmzQk8JjO&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&isid=313&allsc=NSW
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e673ccfd47b73c3d5ecb9642c709cf44f541216de14a3cfe0c5f3bef0112281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-gc7g
timing-allow-origin
*
content-length
29174
expires
Tue, 28 Feb 2023 08:53:05 GMT
bping.php
lg3.media.net/ Frame 48C2 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=728&&vgd_cdv=881&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=266701947&vi=1677574384870591736&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=170785150&r=1677574385072&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22Ibp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&vgd_bid=337936&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1677574384160676083&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_itype_id=17&vgd_pgid=p01248961291t202302280853&vgd_pgids=1&vgd_uspa=0&hvsid=00001677574385069029185683753044&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 28 Feb 2023 08:53:05 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 28 Feb 2023 08:53:05 GMT
checksync.php
contextual.media.net/ Frame 81E0 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2b375062dc1e1ecf20d461403eec4b77528060e29e00c649b68a50f98f8668e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9544
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 08:53:05 GMT
expires
Thu, 02 Mar 2023 08:53:05 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 48C2 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4664&lper=1&itypeid=17&itype=ADX&cc=AU&cid=8CU3SX34C&reqid=j7hxGzskAaiNpZ82-8ECFw&vid=j7hxGzskAaiNpZ82-8ECFw&dn=file.io&rawDn=file.io&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NSW&ct=beaconsfield&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-568b4566f8-vr5cq.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=54203&sckfl=1&suid=CAESEMi38fk9u0k9n--ZiXm1H9I&smbrid=adx-unknown&usp_status=0&usp_enf=1&gqid=AGJvdddXYV0DKLggm05MMzF35EAhVIeebn0cwOjrmLmUFeNcvXaCDWfDZJs1a4iMGguCPWXL&pexid=ADX-pub-5781531207509232&geoll=false&is_ortb=false&s_ip=172.253.211.1&s_city=singapore&commit_id=af8d5bf8&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-02-27+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=AU&ipcc=AU&rtttime=54&pvid=313&prvAccId=266701947&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=529820104&prspt=headerBid&prvReqId=40817889751342_1506373200_52982010413131&reqsize=970x250&size=970x250&chnl=HARMONY&bdp=0.270&cbdp=0.251&og_cbdp=0.270&ogbdp=0.27&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.251&dt=O&dbf=1&epc=266701947&s=1&snm=SUCCESS&pcrid=8CUABW64L-266701947-9-5&tpbTkn=false&exid=31&bidflr=0.250&pbidflr=0.250&opbidflr=0.250&spbf=0&viewability=87&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1677574383333&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.27&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080812610100970025000000500&strg=HARMONY&vls=0&scrid=1700080812610100970025000000500&mang=1&pvdTmax=251&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=3&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250%7C728x90%7C970x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=bca7e990d9&acid=5ce40aab538a4786b751c5363e4061f0&rtime=15.0&wsip=mowx-istio-69c8b887cf-j9b2b&ltime=41.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=1730059992&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=5ce40aab538a4786b751c5363e4061f0_1&policy_enf=2&pub_blk_enf=1&renderer=1&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=j7hxGzskAaiNpZ82-8ECFw&supplyTagId=1730059992&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=43&debug_ts=2023-02-28+08%3A53%3A03&__expireat=1677574983592&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.27~vw_exc%3D0.87~vis_sd%3D674~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023022802~iurl_b%3D939.33~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.53~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D14~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023022802~vis_b%3D903.62~url_b%3D1.06~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.27~vl2r_url_kc%3D0E0~MFB%3D1p~bm%3D1~sid%3D266701947~sd%3D1~uid%3D1HeXw59pz6InZJSibu~btd%3D68618591741009420494398736938116074500286734940189823240203961971987548942990424811394355426562048~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.44~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D66.62~vurl_l%3D20~CI%3D2857~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.7~isif%3D0~lc%3D3~bid%3D0.27~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.251%7Edmm%3Dharmony%7Esuid%3DCAESEMi38fk9u0k9n--ZiXm1H9I%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5781531207509232%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D1730059992%7Esobp%3D%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.250%7Eogbid%3D0.270%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D5%7Edogb%3D0-1~ibc%3D1~nsz%3D3~tgs%3D300x250%7C728x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D251&utime=1748&sf=0&cpr=0.15125534035854749
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
max-age=3600
date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Tue, 28 Feb 2023 14:53:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 60B0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
39963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 21:47:02 GMT
etag
48472445140208031
expires
Tue, 28 Feb 2023 21:47:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 48C2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df3a298ea519b874fa812d43a5251e9aeb67a495069a8f1cd6dce36761a0e886

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
xuid
eb2.3lift.com/ Frame 58A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 58A3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 58A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 58A3
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 58A3 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3369387884448946755240&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E2D59C3289E84C87B237113447536085 Ref B: SYD03EDGE0911 Ref C: 2023-02-28T08:53:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1vrlWA97N1TXzd/mvvQ==
xuid
eb2.3lift.com/ Frame 58A3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3369387884448946755240&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3369387884448946755240&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=eee0cfdcad5548a7882e6996e87e0001&ssp=triplelift&bsw_param=c84aa6cb-8484-449c-a750-36a04708661a&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=d719f6e3-4709-4897-81df-6dc1be3a6813&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=d719f6e3-4709-4897-81df-6dc1be3a6813&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=d719f6e3-4709-4897-81df-6dc1be3a6813&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 28 Feb 2023 08:53:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 58A3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3369387884448946755240?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 58A3
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3369387884448946755240
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HZC31SEZXN0HQVWHT09P
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 58A3 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3369387884448946755240&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:04 GMT
last-modified
Fri, 17 Feb 2023 00:56:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 78AEBAA0D0C744CE9EDB80B8980C9000 Ref B: SYD03EDGE0806 Ref C: 2023-02-28T08:53:05Z
etag
"625d0a86a42d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 58A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 28 Feb 2023 08:53:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
60e88ea3-0f8f-4ef6-b747-3cd50eb148ca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 2F87
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=584b7180-a046-4cd5-8ae1-87ccc771fabd&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 2F87
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2F87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELVpk-zFJyFFqWgVVqkyiYU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F87
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 2F87 		0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3369387884448946755240&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 72234CC28CC043E68C2A0ABCCF9640F9 Ref B: SYD03EDGE0911 Ref C: 2023-02-28T08:53:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1vrlWMM2iwdrW8qUIog==
sync
x.bidswitch.net/ Frame 2F87 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3369387884448946755240&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 2F87
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3369387884448946755240?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 28 Feb 2023 08:53:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iOkS8.NE2oSq5F.tu9SdxJKDr8hZu0VW7Gh7WRR0ew--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 2F87
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3369387884448946755240
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GMYWC5XWBYBR5ZS332SC
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3369387884448946755240&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 2F87 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3369387884448946755240&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:04 GMT
last-modified
Fri, 17 Feb 2023 00:56:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 868E22DCA9BC4D229B9981D8D73107ED Ref B: SYD03EDGE0806 Ref C: 2023-02-28T08:53:05Z
etag
"625d0a86a42d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 2F87
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 28 Feb 2023 08:53:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
44f2a4f9-3f66-4fb3-96d1-6a3dbcfbbc74
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2232052228606262905&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C6E2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
39963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 21:47:02 GMT
etag
48472445140208031
expires
Tue, 28 Feb 2023 21:47:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CADB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88d26425240bedcec10179d5fda0301b29fa0346b7792e7efe5bff55a16873b5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame 539A 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40397572&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4ff28b8b3e390ae39906cdfefdb8546c47e1d2d2a17ccda52b6d1f2a0e3e5988

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 08:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
s.tribalfusion.com/z/ Frame 60B0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGPRhq4TSosG6IUjTxfBmYk&google_cver=1&google_push=Aa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPRhq4TSosG6IUjTxfBmYk&google_cver=1&google_push=Aa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPRhq4TSosG6IUjTxfBmYk&google_cver=1&google_push=Aa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a07ed881c4a6a48-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
788
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPRhq4TSosG6IUjTxfBmYk&google_cver=1&google_push=Aa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_isbjwaKpPpit7n_Ud2mdkuwiXC6s62n_p1o9zLqfpUFlvzweriVS5QdWxni8rtUk2U1uDUaCQtjd-5fiqUFQGEtjz5QM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a07ed85ea3f6a48-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 60B0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHOv00GHp1_Q_S9aaKjwOeE&google_cver=1&google_push=Aa02lx_fGAFZX145llqFXZ2G-iB0PoysaM46KlvEkj2UayM2NU0YonrCQEONNso-tNW-BRi0XjZ5ZB6zg6R8vys...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kYhMWnsGRV9VSLnn1fPTuK310bc&google_push=Aa02lx_fGAFZX145llqFXZ2G-iB0PoysaM46KlvEkj2UayM2NU0YonrCQEONNso-tNW-BRi0XjZ5ZB6zg6R8vy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kYhMWnsGRV9VSLnn1fPTuK310bc&google_push=Aa02lx_fGAFZX145llqFXZ2G-iB0PoysaM46KlvEkj2UayM2NU0YonrCQEONNso-tNW-BRi0XjZ5ZB6zg6R8vysAM3-K4D8PNioI
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kYhMWnsGRV9VSLnn1fPTuK310bc&google_push=Aa02lx_fGAFZX145llqFXZ2G-iB0PoysaM46KlvEkj2UayM2NU0YonrCQEONNso-tNW-BRi0XjZ5ZB6zg6R8vysAM3-K4D8PNioI
Date
Tue, 28 Feb 2023 08:53:06 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 60B0
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOQomNhRO4DcQTpacr3Q0iQ&google_cver=1&google_push=Aa02lx9_vl2iavAOxi2bHE4F4yWnFcS2GEiuVpd7NvTCHI_zVWQeFMcIAA6VOYewXkzeHUrswG6JLYkXHSws2WI8T1...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx9_vl2iavAOxi2bHE4F4yWnFcS2GEiuVpd7NvTCHI_zVWQeFMcIAA6VOYewXkzeHUrswG6JLYkXHSws2WI8T1SM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx9_vl2iavAOxi2bHE4F4yWnFcS2GEiuVpd7NvTCHI_zVWQeFMcIAA6VOYewXkzeHUrswG6JLYkXHSws2WI8T1SM08UxeQg
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx9_vl2iavAOxi2bHE4F4yWnFcS2GEiuVpd7NvTCHI_zVWQeFMcIAA6VOYewXkzeHUrswG6JLYkXHSws2WI8T1SM08UxeQg
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 60B0 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOfKBmZ6ogx_zVX0P3KTbNM&google_cver=1&google_push=Aa02lx-jDi8czDAvydCbaZi574c_V0MXPEsWtunZKYGPUqGWPPntWA8rUjDRqPDzT0Va6wDfQ3aEkFTNtKhi_8FwA1IdUEjlCv9j
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 60B0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE28_eR8SezQVEO-6jaY3p8&google_cver=1&google_push=Aa02lx8tLDG8IGth1uZIZl8SPxzsPZKbILElnfrb_oWgMaDXepCrxVB-0rdWoGQSltqUOoauBqVGMCo3OjgiCQ_rRdtp1RqUVhg
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D&google_push=Aa02lx8tLDG8IGth1uZIZl8SPxzsPZKbILElnfrb_oWgMaDXepCrxVB-...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D&google_push=Aa02lx8tLDG8IGth1uZIZl8SPxzsPZKbILElnfrb_oWgMaDXepCrxVB-0rdWoGQSltqUOoauBqVGMCo3OjgiCQ_rRdtp1RqUVhg
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM2OTM4Nzg4NDQ0ODk0Njc1NTI0MA%3D%3D&google_push=Aa02lx8tLDG8IGth1uZIZl8SPxzsPZKbILElnfrb_oWgMaDXepCrxVB-0rdWoGQSltqUOoauBqVGMCo3OjgiCQ_rRdtp1RqUVhg
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 60B0
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEKiuJz6Jv4WS0DXhZxpc9Zw&google_cver=1&google_push=Aa02lx9Md8Qv-jd61ARUjnfsMxLGlu4iFS1Yqsmjscnu27QuVNXnARKL_PBUxYHF2qItBu4pwvepr4h21oOguP0qK6mqNshi5fCA
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9Md8Qv-jd61ARUjnfsMxLGlu4iFS1Yqsmjscnu27QuVNXnARKL_PBUxYHF2qItBu4pwvepr4h21oOguP0qK6mqNshi5fCA&google_hm=227d6c03e23bf7ccafa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9Md8Qv-jd61ARUjnfsMxLGlu4iFS1Yqsmjscnu27QuVNXnARKL_PBUxYHF2qItBu4pwvepr4h21oOguP0qK6mqNshi5fCA&google_hm=227d6c03e23bf7ccafa251f5289c6b3d
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9Md8Qv-jd61ARUjnfsMxLGlu4iFS1Yqsmjscnu27QuVNXnARKL_PBUxYHF2qItBu4pwvepr4h21oOguP0qK6mqNshi5fCA&google_hm=227d6c03e23bf7ccafa251f5289c6b3d
date
Tue, 28 Feb 2023 08:53:06 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
/
onetag-sys.com/match/ Frame 60B0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAIz82WeRTCj5iSOmdgUMjw&google_cver=1&google_push=Aa02lx9DlWNLHP4-BmcMyThzausqwJMk4up7VSLrufpQ6EDGpsKFkbgrUjtHuf5_BzX6dl1aT1tQ4Nq-Nya...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9DlWNLHP4-BmcMyThzausqwJMk4up7VSLrufpQ6EDGpsKFkbgrUjtHuf5_BzX6dl1aT1tQ4Nq-Nyai5TMeqBSW4laY8w9ZOA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
139.99.49.250 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 60B0 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7VNtZuxijUN1ASdc2SaqJjN0ubJAEyMExvbB-hsfnaptLErAwqsAczGoZJTxo3fCu5_WjyA
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cksync
cs.media.net/ Frame BA60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwNTc1OTg1NjgzNzUyOTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
237 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 08:53:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame BA60
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
237 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 08:53:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame BA60
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=ce2f40bd-d059-45ed-98a2-5d4b6d219112&type=loop&gdpr_consent=null&gdpr=0
237 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=ce2f40bd-d059-45ed-98a2-5d4b6d219112&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 08:53:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 08:53:06 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=ce2f40bd-d059-45ed-98a2-5d4b6d219112&type=loop&gdpr_consent=null&gdpr=0
date
Tue, 28 Feb 2023 08:53:06 GMT
server
_
content-length
0
cksync
cs.media.net/ Frame 81E0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
237 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 08:53:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=584b7180-a046-4cd5-8ae1-87ccc771fabd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame 81E0
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=83f21678-3233-4745-bc2f-4d9b03791573&type=loop&gdpr_consent=null&gdpr=0
237 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=83f21678-3233-4745-bc2f-4d9b03791573&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 08:53:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 08:53:06 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=83f21678-3233-4745-bc2f-4d9b03791573&type=loop&gdpr_consent=null&gdpr=0
date
Tue, 28 Feb 2023 08:53:06 GMT
server
_
content-length
0
cksync
cs.media.net/ Frame 81E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwNTc1OTg1NjgzNzUzNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
237 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 28 Feb 2023 08:53:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKCjsL-Dr9XhaqPRr7sTHk8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 6880
Redirect Chain
  • https://csync.loopme.me/?pubid=11398&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D56%26pid%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=56&pid=5f2063121d82c82557194737&key=0a4deedc-e5cf-4710-ae76-158c3fb84e3e&gdpr_consent=null&g...
0
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=56&pid=5f2063121d82c82557194737&key=0a4deedc-e5cf-4710-ae76-158c3fb84e3e&gdpr_consent=null&gdpr=0
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT

Redirect headers

content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=56&pid=5f2063121d82c82557194737&key=0a4deedc-e5cf-4710-ae76-158c3fb84e3e&gdpr_consent=null&gdpr=0
server
_
sync
ssbsync.smartadserver.com/api/ Frame 17B2 		1003 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e6e8ec71d10d374c39d76f731d2bd09be66cf94f5fa50ad6578e80b44b78ac1a

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
1003
content-type
text/html
date
Tue, 28 Feb 2023 08:53:06 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 2D0D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=0&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=98aa423e813894639267394451cdb2e3&_fw_gdpr=0&_fw_gdpr_consent=
0
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=98aa423e813894639267394451cdb2e3&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Feb 2023 08:53:06 GMT
Expires
Tue, 28 Feb 2023 08:53:06 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=98aa423e813894639267394451cdb2e3&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1677574386016096-55
auto-user-sync
ads.stickyadstv.com/ Frame 8068 		43 B
622 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.211.140.123 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-211-140-123.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Feb 2023 08:53:06 GMT
Expires
Tue, 28 Feb 2023 08:53:06 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1677574386073019-55
cookiesyncendpoint
sync.aniview.com/ Frame 46C9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=0&gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
0
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT

Redirect headers

age
0
content-length
0
date
Tue, 28 Feb 2023 08:53:05 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
/
rtb-csync.smartadserver.com/redir/ Frame 679F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26bid...
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D200%26key%3D%5B...
  • https://ad.turn.com/r/cs?pid=45&rndcb=1993041605
  • https://sync.1rx.io/usersync/turn/8391144493252904027?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-cff0e259-a...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
43 B
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache,no-store
content-type
image/gif
date
Tue, 28 Feb 2023 08:53:07 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
transfer-encoding
chunked

Redirect headers

content-type
text/html
date
Tue, 28 Feb 2023 08:53:08 GMT
etag
RXcff0e259afb448069f1adf8852f381ea004
location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
services
sync.technoratimedia.com/ Frame E756 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1677574385232-939013850577-001196-000-008171&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.file.io/
age
0
date
Tue, 28 Feb 2023 08:53:06 GMT
server
nginx
via
1.1 varnish
x-varnish
149387552
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD45 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151664
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 28 Feb 2023 08:53:05 GMT
expires
Thu, 02 Mar 2023 03:00:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame CC3A
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D18%26k...
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=18&key=GOzVCLZH5dv441RoTMe8YhTl
0
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=18&key=GOzVCLZH5dv441RoTMe8YhTl
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Tue, 28 Feb 2023 08:53:06 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=18&key=GOzVCLZH5dv441RoTMe8YhTl
X-Sovrn-Pod
ad_ap2sfo1
usync.html
eus.rubiconproject.com/ Frame 6F33
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Feb 2023 08:53:06 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame ABBE
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171...
  • https://u.openx.net/w/1.0/cm?cc=1&id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-0...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=23&key=215f38da-3f4f-451c-9f93-5b724b110f2b
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=23&key=215f38da-3f4f-451c-9f93-5b724b110f2b
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Tue, 28 Feb 2023 08:53:05 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=23&key=215f38da-3f4f-451c-9f93-5b724b110f2b
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
ap.lijit.com/ Frame F45A
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D105%26pid%3D59c9148...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D528dcc40-afc2-47e6-a469-3a68e3c...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLmFuaXZpZXcuY29tL2Nvb2tpZXN5bmNlbmRwb2ludD9hdWlkPTE2Nzc1NzQzODUyMzItOTM5MDEzODUwNTc3LTAwMTE5Ni0wMDAtMDA4MTcxJmJpZGRlcm5hbWU9MTA1JnBpZD01OWM5MTQ4NjI4YTA2MTJkYTM2ODkyODgma2V5PQ%253D%253D%26uid%3D%24UID
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 28 Feb 2023 08:53:06 GMT
X-Sovrn-Pod
ad_ap2sfo1

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Tue, 28 Feb 2023 08:53:04 GMT
location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D528dcc40-afc2-47e6-a469-3a68e3c2c7e9%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLmFuaXZpZXcuY29tL2Nvb2tpZXN5bmNlbmRwb2ludD9hdWlkPTE2Nzc1NzQzODUyMzItOTM5MDEzODUwNTc3LTAwMTE5Ni0wMDAtMDA4MTcxJmJpZGRlcm5hbWU9MTA1JnBpZD01OWM5MTQ4NjI4YTA2MTJkYTM2ODkyODgma2V5PQ%253D%253D%26uid%3D%24UID
server
envoy
x-envoy-upstream-service-time
1
avpb7.36.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame A37C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d69440f62c2f0fa5dab70a4e5201a78f51b4a2cdb7ea6ba62d56152bcc19150c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 07:09:49 GMT
etag
"1677568189"
x-hw
1677574386.dop207.sj3.t,1677574386.cds103.sj3.hn,1677574386.cds051.sj3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
65112
avpb7.36.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame A37C 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a1.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
416d2349f28515c7cb5870cbe2d68ca856da606d52015ab39612fc342ba29984

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 07:09:49 GMT
etag
"1677568189"
x-hw
1677574386.dop207.sj3.t,1677574386.cds103.sj3.hn,1677574386.cds205.sj3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
21150
avpb7.36.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame A37C 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a3.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
507b637b1c4d256d43f0fa5114c1041d439a89e297853e91c95fbb2964bd6543

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 07:09:49 GMT
etag
"1677568189"
x-hw
1677574386.dop207.sj3.t,1677574386.cds103.sj3.hn,1677574386.cds205.sj3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
20585
avpb7.36.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame A37C 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a0.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9df4a08659471f578eae8fcc39660cd4e3a4cfc762b42a57d0f7427bc530de40

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 07:09:49 GMT
etag
"1677568189"
x-hw
1677574386.dop207.sj3.t,1677574386.cds103.sj3.hn,1677574386.cds220.sj3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
24515
s2s
s2s.aniview.com/api/adserver/ 		1 B
602 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=d0372876801fd44b3ee9d1cdc899bf6e&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1677574385232-939013850577-001196-000-008171&AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=4dd5e1c8db5791b85c4d6864add24906&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_VIDEOURL=https%3A%2F%2Fcontent1.avplayer.com%2F5f2063121d82c82557194737%2Fvideos%2F63f7530d2bdf8c59ab0dcf13%2F63f7533bbdc449913e0a4913%2Fvideo.mp4%3FAV_TAGID&AV_TEMPID=634810e43259c149ba2da227&cid=63036ec4493ff651bf36c244&pid=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=1&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&d36=6.2.85&responsive=1&sver=4&avtoken=384473&omv=1.0.1&AV_D65=IntentIQ&clsid=ea19a9c6-1108-470d-a41b-ef127f9669e9&rando=73&AV_WIDTH=440&AV_HEIGHT=247&AV_DNT=0&cb=7574385467&wfc=1&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=1
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.171.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-171-223.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.file.io
content-type
text/plain
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 16 Feb 2023 19:06:26 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
602 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=0&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=7574385471
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
189
expires
Thu, 01 Jan 1970 00:00:00 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
228 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=0&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=1.35&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=7574385471
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
189
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583018&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.225.91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-225-91.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
591069
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&user_id=1677574385232-939013850577-001196-000-008171&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&expires=30&ssp=themediagrid&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=93&user_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&expires=30&ssp=themediagrid&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://x.bidswitch.net/sync?dsp_id=93&user_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&expires=30&ssp=themediagrid&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
343
cookiesyncendpoint
sync.aniview.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=24&pid=59c9148628a0612da3689288&key=d719f6e3-4709-4897-81df-6dc1be3a6813
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=24&pid=59c9148628a0612da3689288&key=d719f6e3-4709-4897-81df-6dc1be3a6813
Protocol
H2
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
content-length
0

Redirect headers

Location
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=24&pid=59c9148628a0612da3689288&key=d719f6e3-4709-4897-81df-6dc1be3a6813
Date
Tue, 28 Feb 2023 08:53:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AU&cos=Windows&r=www.file.io&rs=www.file.io&sid=80934&t=1677574385&cip=173.245.209.183&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=1&d64=d0372876801fd44b3ee9d1cdc899bf6e&d63=d0372876801fd44b3ee9d1cdc899bf6e&aafaid=&proto=https&uid=1677574385232-939013850577-001196-000-008171&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.85&cb=20007358778&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=173.245.209.183&cd18=-33.89790&cd17=151.18970&d9=0000&d37=realtime&pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1677574385472&asid=637b7eaa93283f4fba7e40c8%2C63ca668fc59e20cf6801d2f2%2C633be2470cbd4b48090dc596&ofpr=%2C0.49%2C&fpo=%2C%2C&ri=1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.57.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-57-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AU&cos=Windows&r=www.file.io&rs=www.file.io&sid=80934&t=1677574385&cip=173.245.209.183&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=1&d64=d0372876801fd44b3ee9d1cdc899bf6e&d63=d0372876801fd44b3ee9d1cdc899bf6e&aafaid=&proto=https&uid=1677574385232-939013850577-001196-000-008171&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.85&cb=20007358778&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=173.245.209.183&cd18=-33.89790&cd17=151.18970&d9=0000&d37=realtime&pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1677574385472&asid=60bdce680f40fe0656405224%2C63ecfdea79d9bf7f7b0b6cc3%2C61c0681ef38da46e66702c44%2C61ee80e3c53c661d74532004%2C624c0a0dc3ddce30871b2de4%2C63a1ca4ca1fcfb996304f029%2C6245a97f138a392b6f34aeb8%2C62e3ca7e498748c593005cc4&ofpr=%2C%2C2.69%2C2.02%2C0.72%2C1.35%2C%2C&fpo=%2C%2C%2C1%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.57.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-57-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame C6E2
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs44&google_cver=1&google_push=Aa02lx8q7gKI5cvVwf4bXL2bEJHfsRIy-Heq_eDCnI7cRP2qdD7nowK...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=49ea3f0d82c920b6&is_secure=true&networkId=14000&version=1&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs44&google_cver=1&google_push=Aa02lx8q7gKI...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALnxErzvtE8QNJ11tyAAAAAAA&expiration=1677660786&google_cver=1&is_secure=true&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALnxErzvtE8QNJ11tyAAAAAAA&expiration=1677660786&google_cver=1&is_secure=true&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs44&google_push=Aa02lx8q7gKI5cvVwf4bXL2bEJHfsRIy-Heq_eDCnI7cRP2qdD7nowKFTZF89DIenBEHIgvIeGk96gybJg3Epfu58Ltz8WKP47Dx
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALnxErzvtE8QNJ11tyAAAAAAA&expiration=1677660786&google_cver=1&is_secure=true&google_gid=CAESEHNTcI7WCPgoOQ7EHXKEs44&google_push=Aa02lx8q7gKI5cvVwf4bXL2bEJHfsRIy-Heq_eDCnI7cRP2qdD7nowKFTZF89DIenBEHIgvIeGk96gybJg3Epfu58Ltz8WKP47Dx
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame C6E2
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEK26hdQaWVQgKAM1brJjKA0&google_cver=1&google_push=Aa02lx9WFkQLoih-mr02Uqy6auSqjOOjoMNmyef4Yoto1XHaO5KO7baTFeGzQ_kThh08qxxklY8MQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9WFkQLoih-mr02Uqy6auSqjOOjoMNmyef4Yoto1XHaO5KO7baTFeGzQ_kThh08qxxklY8MQJ6c9pdmOdwYnkoCCyt0OENR
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9WFkQLoih-mr02Uqy6auSqjOOjoMNmyef4Yoto1XHaO5KO7baTFeGzQ_kThh08qxxklY8MQJ6c9pdmOdwYnkoCCyt0OENR
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Feb 2023 08:53:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: BCC3183A600C408990F136740FCFD9EF Ref B: SYD03EDGE0911 Ref C: 2023-02-28T08:53:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9WFkQLoih-mr02Uqy6auSqjOOjoMNmyef4Yoto1XHaO5KO7baTFeGzQ_kThh08qxxklY8MQJ6c9pdmOdwYnkoCCyt0OENR
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1vrlXYVao8yGnbRtolA==
pixel
cm.g.doubleclick.net/ Frame C6E2
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESENxjUb9BrSImtiJRn4XkpLs&google_cver=1&google_push=Aa02lx_qC3TZMu1fb48-25JuDZkAI4ARu_VzKFpgCeonPbzPxj9cFWueNKTIwr5PeYvUiZg-mWEYZ4t8S7A07pS9P-b4NDxGc_PD
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkE2OTE4NzI0QjFCOEFDMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkE2OTE4NzI0QjFCOEFDMA==
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MkE2OTE4NzI0QjFCOEFDMA==
date
Tue, 28 Feb 2023 08:53:06 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame C6E2
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEBKbHEYhZxnNLrEE6OCQOjY&google_cver=1&google_push=Aa02lx9x7mNOFfK9pFDE3ILm_enYW7tdc3QfP7FO0MJuhcG4AcWRzMjJ8b6z6-wwIUCQm7o6xF5D4d_hzq4gyik...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTEyNjgxMjQwMzQ&google_push=Aa02lx9x7mNOFfK9pFDE3ILm_enYW7tdc3QfP7FO0MJuhcG4AcWRzMjJ8b6z6-wwIUCQm7o6xF5D4d_hzq4gyikPwe5Ub...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTEyNjgxMjQwMzQ&google_push=Aa02lx9x7mNOFfK9pFDE3ILm_enYW7tdc3QfP7FO0MJuhcG4AcWRzMjJ8b6z6-wwIUCQm7o6xF5D4d_hzq4gyikPwe5UbeM69WM
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTEyNjgxMjQwMzQ&google_push=Aa02lx9x7mNOFfK9pFDE3ILm_enYW7tdc3QfP7FO0MJuhcG4AcWRzMjJ8b6z6-wwIUCQm7o6xF5D4d_hzq4gyikPwe5UbeM69WM
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
asr
aid.send.microad.jp/g/ Frame C6E2 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEEJLxCHgbOQvbkMsgmiu620&google_cver=1&google_push=Aa02lx-og9T0fZb_ftYeqGnIkLqAyrIz9QO0jQWTkbfdJGmby28E4ptYyItntbJR_TrDKYWQe_Eu3Unk8yvgpZhvGZa7hC0Q9d0
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:06 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame C6E2
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMJS6rCAH0EGSB6UnTPsGrA&google_cver=1&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4QX...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMJS6rCAH0EGSB6UnTPsGrA%26google_cver%3D1%26google_push%3DAa02lx-APM3MZ6172JBVXg...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A9182664047325447741&exchange=193&google_gid=CAESEMJS6rCAH0EGSB6UnTPsGrA&google_cver=1&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4QXW_zJktEksifIuKYdY1BOrw
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTkxODI2NjQwNDczMjU0NDc3NDE&google_push=Aa02lx-APM3MZ6172JBVXgqLmipHjYjRuRtZTEORUlwaX2r_GZfJ_QW3E7phPhpoqWboamfdRj8NU4QXW_zJktEksifIuKYdY1BOrw
Date
Tue, 28 Feb 2023 08:53:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C6E2
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDumMWMrOOzeldLA-JsUPnM&google_cver=1&google_push=Aa02lx_8wLZvfPYSwU-MzB3HcQ5SBzFUheptFbcBoTFfZUkqSGGlQxsxMmr7V1-vqCaVMmWouchLZZYSOHJn64ROh...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2VkYzJiNTEtYTUyOS00ZWI1LTk5MGUtMmRjMjE2YWQwNjZm&google_push=Aa02lx_8wLZvfPYSwU-MzB3HcQ5SBzFUheptFbcBoTFfZUkqSGGlQxsxMmr7V1-v...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2VkYzJiNTEtYTUyOS00ZWI1LTk5MGUtMmRjMjE2YWQwNjZm&google_push=Aa02lx_8wLZvfPYSwU-MzB3HcQ5SBzFUheptFbcBoTFfZUkqSGGlQxsxMmr7V1-vqCaVMmWouchLZZYSOHJn64ROh7jzqNFd-2K1jw
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Y2VkYzJiNTEtYTUyOS00ZWI1LTk5MGUtMmRjMjE2YWQwNjZm&google_push=Aa02lx_8wLZvfPYSwU-MzB3HcQ5SBzFUheptFbcBoTFfZUkqSGGlQxsxMmr7V1-vqCaVMmWouchLZZYSOHJn64ROh7jzqNFd-2K1jw
date
Tue, 28 Feb 2023 08:53:06 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame C6E2 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCeaMptv9uIxpGBQIRs_RDpqN35FqhucRzkqPhI7BEIKUSGMUcu-LKB1TP2JFkfm-81-WN3Gk
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
page-data.json
www.file.io/page-data/about/ 		0
612 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Origin
https://www.file.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 00:14:29 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
x-amz-request-id
0J2CM57QECY5RQ16
x-amz-cf-pop
SIN2-P2
etag
"cfb91ae7cd0473e276a9361907a683fc"
age
31117
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
147
x-amz-id-2
Wf8S995nTNS4+uZ++oeNgQW5B8j6aE4Q1c0qC6xZv32qSKx2M1vGazDny6r2MiV2rPWt1IXNGQc=
x-amz-cf-id
A9yf9pbDQRZEnoqMbcnlKCBslfsNdGIoLVW1zS7TXusUbkmzknoNfQ==
page-data.json
www.file.io/page-data/signup/ 		0
623 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
Origin
https://www.file.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 01:05:48 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
VYF03KDVT3M7K7CC
x-amz-cf-pop
SIN2-P2
age
28038
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
Ekg4g5Rng+2MpxgkLESnefndgSESeIqOcsBLmFBNb7SG1BRybbzjRR1TcAdCR/Obp5AxGsXqjQA=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
VgdrlMWLSXTO-mrxRukLLlhIsnahGLu181MuhJGRJsATNFNlzCy5yw==
async_usersync
ib.adnxs.com/ Frame 04A0 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:05 GMT
AN-X-Request-Uuid
914d9f47-e1ee-4f9a-8cc5-9355bd42d63d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame BEC0 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BEC0 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BEC0 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame BEC0 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5626&&vgd_canary=0&vgd_l2type=scs_newfl&fp=w5iE1WVTnQmX0UYDphefb0vWCAn_uJbAEOUL_HoRDUdDd77vCW88AwthFieG0ZOe8rfAXwKQySTXpvsIp84R9gVt2H6VdOIHn11CcixeMGmLzj8NMjSjdvaCxH5Z6XxB&cme=P0oQ0Jz_fZe6zBfgi2dTWTMIheedJOPBuYAiXcVaKAb-emJVGkoDDHkK2qHmJ-RwPYmaKlOSiM4d9pvrxKW3UiZMdYCboyjRDFa_l4jZbcCv22q17LSVG54YqIQumbR4vsdCCALwWWl-KfD051bp1rujoy_ySoKo_tnW2ESD6HPs_eMQEK7kIYMx7O5p4BqStqBSp2jY-zjMC7W6KU9E4POWKD2kmm_HqeDEofle37kgZz6_96Dngg%3D%3D%7C%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD7_pTiXo69EBJEOGGyf-ChDFRZKExw-SKxGHLgk7x378X50AJmGaYxjz6AIg3mJtCM%3D%7CQRCjDhs14bwUibF8nO5IzuEe6z6hmLYNpYqQSkemxLa_gkLIEq90kLdR_8n4W_EdvDYPNBhR4N7_W95Of0ctyrTcSpHuZ0M7sH8u54-x9jEIS-5CBsbgq1YbbgwGAuNWkQHWsQULK1bpUjUtPq1KGWj9aBiz-P1PBEGSwTbmCBKIpd4UI11bPlAgvkUrIhKXMEjvOWWAaZTF09qRE8mSezoJHc1uLLz1VAnqgG8IvAqWFxRFTerpAqkIrOl__HdTE_u7kGAXnGk%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7C&subBdr=196&bdrid=313&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Best+Stocks+to+Invest+in+2023&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=351282292&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D1.65%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2023&kwd[]=Best+High+Return+Investments&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=326649050&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D1.16%7C4%3D4.67&ktd[]=274894815488&ktrkt[]=Best+High+Return+Investments&kwd[]=Best+Ways+to+Invest+in+Gold&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=316482289&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.68%7C4%3D4.53&ktd[]=274911592704&ktrkt[]=Best+Ways+to+Invest+in+Gold&kwd[]=Free+Dental+Implants&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=11543551&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.41%7C4%3D4.58&ktd[]=274911592704&ktrkt[]=Free+Dental+Implants&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=48970281&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.56%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Top+Stocks+to+Buy+for+Beginners&kwt[]=391&kbc[]=1224808752&kwp[]=6&kid[]=329686504&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.55%7C4%3D4.23&ktd[]=274894815488&ktrkt[]=Top+Stocks+to+Buy+for+Beginners&kwd[]=No.1+Stock+to+Buy&kwt[]=391&kbc[]=1224808752&kwp[]=7&kid[]=329681077&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.69%7C4%3D4.21&ktd[]=274894815488&ktrkt[]=No.1+Stock+to+Buy&kwd[]=Watch+Live+Streaming&kwt[]=391&kbc[]=1224808752&kwp[]=8&kid[]=180959855&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.08%7C4%3D3.93&ktd[]=274911592704&ktrkt[]=Watch+Live+Streaming&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=15062&hint=&cc=AU&wsip=170762626&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22Ibp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&cid=8CUABW64L&vi=1677574384967697800&vsid=3205759856837505&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_implt=3&vgd_cage=1&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=81303&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1677574384139623731&tsrc=entity&sttm=1677574385032&upk=1677574385.12764&hvsid=00001677574385032029185683759810&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080812610100970025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&bid=337525&abpl=2&kbbq=%26asn%3D54203&vgd_vstrid=3205759856837505&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.fF~eBMJ-Nv9.WF~QYYMG8Ov9.fF~e8QMQOvFhH~ONfvu~G17v9%2C9%2C9~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9fA9ffW9f~8xLjMGviAi.AA~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.XA~8EvAGB9PB~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuh~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fA9ffW9f~e8QMGvWi9.XH~xLjMGvu.9F~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvuh.AWAF~xLjMjvf9~yN17vou~GGvuiF~eev9~QYYMYxjvu~jfLMGvu999~JLEYv9.fF~ejfLMxLjMUNv949~csRvR~GYvu.9X~QYYMQOvf9fA9ffhf9~Q8OvfFFh9uiHh~QOvu~x8OvuqJte%3DmAi%20GF1PmyW7~G7OvFWFuWXiuhhfWAWu9hFWAiu9FAuhAiW9uFuuHWfXFfFX9FWfhHuHHWW9Xu9A9AhuXX9XXiuAhAFffAuHfXuiFuAuhXiffhXhFAf~OfEMjvA9~AENkvu999~x8Yv9~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvu.HH~QQvIK~NNvKP~x8Bvou~NJv9~LEQMGvFF.Ff~exLjMjvf9~%3DVvfWXh~z7QvH~7Gvou~N7vGJ1NmzQk8JjO~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.h~8Q8kv9~jNvA~G8Ov9.fF~ONvW~ejfLMGvH.HH~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.WF~1YEvu~NGOEv9.fF9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov%3DK4b4ryQxf__pAhZfNWq3C%2F4NBg~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoXhWuXAuf9hX9ifAf~O1jyvQYY~w7Yjvu~1OGjUvuFWfuAH9i9~QmGEv~N7Lv9.9~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.fX9~myG8Ov9.fF9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~QYYM1E8veu~8GNvu~zQlvH~7yQvA99-fX9%7CAAF-fW9%7ChfW-i9%7Cih9-fX9~GQGv9~GQEv9~7Y-vfXf&vgd_bhv_kbb=-1&vgd_cfud=220331&vgd_scsver=411&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A250&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001677574385032029185683759810&rc=0&rand=1677574385661&acid=d8c76fc2ab044ee4a0eed077fcfb837e&matm=1677574385661&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&vgd_ltimesrc=1&vgd_ltime=2111&vgd_rtime=2089&vgd_etm=23&vgd_l1hcsd=Sg05m%7C1310&vgd_l1ch=1&vgd_lhl=2986&vgd_pgid=p01248961291t202302280853&vgd_csip=rtb-common-istio-568b4566f8-gfnq7.SG&vgd_sbSup=1&vgd_nrrs=81303&vgd_cntrdt=SF%7Cedcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 28 Feb 2023 08:53:05 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 28 Feb 2023 08:53:05 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
db1ab08d6b6b6e24f2cd0e2dcec7dfffa34950c4f08b04c986949c1a9aa51fc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 6D53 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:05 GMT
AN-X-Request-Uuid
c21c946a-a604-4e8f-a146-024829fa0c8c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 018B 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:05 GMT
AN-X-Request-Uuid
9a27ae78-91ee-4c40-a8c4-8b44c8fc133b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 396B 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 396B 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 396B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 396B 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5510&&vgd_canary=0&vgd_l2type=scs_newfl&fp=-e_xcGo17_3_tctWWYFvSEpT63DBQGdbWk39rFFINs29Y-ukDaONiLGY7lZsCvOyWOnIQJiM4XPjW0PtyBPXuukjO-woWfPR1nysrO1n2dSzGKOoHx2T-7HKVtAJI8pO&cme=IfqTx2r5vgYW4C_TmCK3H-e7R1QEEXzDOml0x8uzHAJMYb9MQTJN4FSmVuV68FWPWxvH5OJW3OLixS7_aCQ6e1ti2z2gdRstZ9tlDF8ggCaX3OzQUD_NCyYRd2p5rIK2CEDnO8ICFtYHyKM7Mr23X4VWJTFheH19EpX69K_2YIetKB9AoIaeWeoTIviV1q-6IGHoWbytUYBcWSmxZz_m1CFElXW_OHfxKsbRKsAi6fPNRRGviDRIfA%3D%3D%7C%7C7Csc44TlR7WGVt7Y440heh8_aZFHrmKFh2W7rcbQ7fVzYMGEZZo6m5IkB7sl5c-40pxMr_icg1fpmftxoiUazdTaJRQI2HfzQJlZUg8B--5zpHGB2JHclAxNV71JKdK-ShmHSHJsxa2xMuQRG4AimrAK-QHPWNPJTrS3haiz7cpQtBjxWsx0njRZCdrQv8ylYKpmCbtWAqmui_TFazCiCUknpKRXwkDMDd6rLo-xtnW1KhEa-o_t1CMf6zKQG8yj%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7_pTiXo69EBJEOGGyf-ChDFRZKExw-SKxGHLgk7x378X50AJmGaYxjz6AIg3mJtCM%3D%7C&subBdr=196&bdrid=313&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Best+Stocks+to+Invest+in+2023&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=351282292&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D1.65%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2023&kwd[]=Best+High+Return+Investments&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=326649050&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D1.16%7C4%3D4.67&ktd[]=274894815488&ktrkt[]=Best+High+Return+Investments&kwd[]=Best+Ways+to+Invest+in+Gold&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=316482289&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.63%7C4%3D4.49&ktd[]=274911592704&ktrkt[]=Best+Ways+to+Invest+in+Gold&kwd[]=Free+Dental+Implants&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=11543551&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.41%7C4%3D4.58&ktd[]=274911592704&ktrkt[]=Free+Dental+Implants&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=48970281&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.56%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Top+Stocks+to+Buy+for+Beginners&kwt[]=391&kbc[]=1224808752&kwp[]=6&kid[]=329686504&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.55%7C4%3D4.23&ktd[]=274894815488&ktrkt[]=Top+Stocks+to+Buy+for+Beginners&kwd[]=No.1+Stock+to+Buy&kwt[]=391&kbc[]=1224808752&kwp[]=7&kid[]=329681077&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.69%7C4%3D4.21&ktd[]=274894815488&ktrkt[]=No.1+Stock+to+Buy&kwd[]=Watch+Live+Streaming&kwt[]=391&kbc[]=1224808752&kwp[]=8&kid[]=180959855&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7Cps%3D0.408%7C3%3D0.08%7C4%3D3.93&ktd[]=274911592704&ktrkt[]=Watch+Live+Streaming&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=15062&hint=&cc=AU&wsip=170762402&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22Ibp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&cid=8CUABW64L&vi=1677574384870591736&vsid=3205759856837511&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_implt=3&vgd_cage=1&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=81303&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1677574384160676083&tsrc=entity&sttm=1677574385069&upk=1677574385.12239&hvsid=00001677574385069029185683753044&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080812610100970025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&bid=337936&abpl=2&kbbq=%26asn%3D54203&vgd_vstrid=3205759856837511&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.fh~eBMJ-Nv9.Wh~e8QMQOvFhH~ONfvu~G17v9%2C9%2C9~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9fA9ffW9f~8xLjMGviAi.AA~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.XA~8EvAGB9PB~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vuH~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fA9ffW9f~e8QMGvi9A.Ff~xLjMGvu.9F~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.fh~ejfLMxLjMUNv949~csRvuE~GYvu~Q8OvfFFh9uiHh~QOvu~x8OvuqJtBXiElFVz26b8Gx~G7OvFWFuWXiuhHu99iHf9HiHAiWhAFiAWuuF9hHX99fWFhAHiH9uWiWfAfH9f9AiFuihuiWhXHWiHfii9HfHWuuAiHAXXHfFXFf9HW~OfEMjvA9~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvu.HH~QQvIK~NNvKP~x8Bvou~NJv9~LEQMGvFF.Ff~exLjMjvf9~%3DVvfWXh~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.h~8Q8kv9~jNvA~G8Ov9.fh~ONvW~ejfLMGvH.HH~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wh~1YEvu~NGOEv9.fXu~OYYvw1LYmz5~Qx8Ov%3DK4b4c8AWkUix9Uizoo28tYuqiV~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoXhWuXAuf9hX9ifAf~O1jyvOJk1xj7~w7Yjvu~1OGjUvuhA99Xiiif~QmGEv~N7Lv9.9~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.fX9~myG8Ov9.fh9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vX~OmyGv9ou~8GNvu~zQlvA~7yQvA99-fX9%7ChfW-i9%7Cih9-fX9~GQGv9~GQEv9~7Y-vfXu&vgd_bhv_kbb=-1&vgd_cfud=220331&vgd_scsver=411&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A250&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001677574385069029185683753044&rc=0&rand=1677574385775&acid=5ce40aab538a4786b751c5363e4061f0&matm=1677574385775&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&vgd_ltimesrc=1&vgd_ltime=1816&vgd_rtime=1802&vgd_etm=12&vgd_l1hcsd=Sg05m%7C1310&vgd_l1ch=1&vgd_lhl=2894&vgd_pgid=p01248961291t202302280853&vgd_csip=rtb-common-istio-568b4566f8-vr5cq.SG&vgd_sbSup=1&vgd_nrrs=81303&vgd_cntrdt=SF%7Cedcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 28 Feb 2023 08:53:05 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 28 Feb 2023 08:53:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=3166373918727466&bg=!8POl86fNAAZYlHKzeJQ7ADkAdvg8WshGiEOGL-3YSkRtshAv1pZJuVxCLtDYYNEWvc2hdwzH9aC_lkVR9JlGSqG_vPcFZH7_ZIACAAAA3VIAAAADaAEHCgDOa5jUnIpeRzKrbpCATeAo94j2XFM5kZfKO0qyOmWz4mr3Ek_3Ezoa41hbxTeK5ruunYrsi5GwJ0kDgEb62BPC9zDl6Ylzd3brgy3PmlYKxknOHJX5sM1sPrM1ysZ33DeooWiGwthISCsEk2E3bNDCFA23EkdcW-dvLQTjP9vlTlhZBSvFPIGnsA55ym64B_SXDSwpOhv7J2dH4UTrAqVFqnUrKtpCz_qRX5d_qK3yJF_eQmxQJypL2NNI9rwwStLP4SGEONDw4cKJtfoOOhiZAqZ5OpaCuQrMxCDfdHt7Qqpn26OY6S2RHNJcoLrRClzY-vT1VODFbP4ciutPrAuFOadxPurUA5qTJluKuV92v8oPqa-RiokJZJJtIZMQaQPhDHVjCXgdFD2ESk-XmPT9JwXngdXQ4Cslzn-SELs3cq25CwigYtQywA4NT-7YUdpfhsHTsOpK9wvCf4zjAFDDIPcNvZCURVAAFzCmBN7SsGiQxrOCa8yV17QaSVou5qwL4w0jjbK4W-exnMz8Bnz1AS1J4MNGfbuobdCmH4Not05qxGMNAoVmP55xQqzSueOM2-S0JlnV7Ia8az5_DGFwQfsSMfwZ262o8hirV3bfZ2Q9Ue_BH43n5sVGsAQEZWGrM-HpUdzJMN1FPVN-Flp-GZXXCGB75ZC13N4uoFac3VBtkbrA0pbs_cVMcS0psIEmGfLCN29LUSPl0sKn0isHi30zPj7vMPtSwXr_GdoVK7HNkXmvIiC-eh6c2giAL0GxLm16Ls0gzHxf8l_BjXdfSMcjAvib_-knMaKyeG5D9T7Lko_eznYX55pzCHqoT9wBfT8EnnB2Nv7i90Sx-SwZ7rpmvIBxirL1rW-isc1xPvLBhdsL_44ssdp4sTNgp9RT1R1KJHNwYStljUMQjyO4JUYOOGkKzj3zQqm1qznYleWtNlR2O7yPI95fO8LRrKkhoVNFXQ1KkpY9x2Vg6nRUxJqhrU0jqj4lODi5tMj2L1GB9zIhZ7cGQVktAWkLQ-Q2hU_2yIMkOJs2kwAYhLDrE-oxUQ_kI_xYWV0bzQEeDKXJlDhDluDgRp2-D-0JghsZF01vixPNy8ilnJcMIhppzHTTFglE8Ebovb5d8Wu9bDAVA-znod67AdJfOb72bXuVq3jTAPzAAE2YsTEU01BWv3JzRJNu7V8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
page-data.json
www.file.io/page-data/signup/ 		137 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 01:05:48 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-request-id
VYF03KDVT3M7K7CC
x-amz-cf-pop
SIN2-P2
age
28038
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
Ekg4g5Rng+2MpxgkLESnefndgSESeIqOcsBLmFBNb7SG1BRybbzjRR1TcAdCR/Obp5AxGsXqjQA=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
9G77VoT0i6oXndRD0dIP43HESLDDxQKRNwTLaEO0mn8Pnc-t0AWZpA==
page-data.json
www.file.io/page-data/about/ 		147 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 00:14:29 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
x-amz-request-id
0J2CM57QECY5RQ16
x-amz-cf-pop
SIN2-P2
etag
"cfb91ae7cd0473e276a9361907a683fc"
age
31117
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
147
x-amz-id-2
Wf8S995nTNS4+uZ++oeNgQW5B8j6aE4Q1c0qC6xZv32qSKx2M1vGazDny6r2MiV2rPWt1IXNGQc=
x-amz-cf-id
wC3_BHqH_ELBu6tha7N7ml6Ipxl5DcVBa0did9Rpb1Z2QCC9dRdZHg==
component---src-pages-signup-js-6276362a910cd31f83ca.js
www.file.io/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-signup-js-6276362a910cd31f83ca.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 19:32:59 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:42 GMT
server
AmazonS3
x-amz-request-id
J9S043P1YA5E10BM
x-amz-cf-pop
SIN2-P2
etag
W/"f532f8654ef9d6e2ccba95d194e45cc2"
age
480008
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
1O1fryf3zgq6YLCi-fs7r1EgQPv_5L_YelUhnJVrRRWKmDxnZsh8XQ==
x-amz-id-2
AUAfIMX+JMJJt/thWCKgv5ZNy57xhBlcdwQkSmKoQyAnTqax2ev3Rhi/mTXmV1DflnwSivlX0GBA/PXTGrT65Q==
component---src-pages-about-js-e796be312b3f5a0e66a9.js
www.file.io/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-about-js-e796be312b3f5a0e66a9.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-30.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/k5O8/download/0hpSPhnEIKmH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 19:56:54 GMT
content-encoding
br
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:40 GMT
server
AmazonS3
x-amz-request-id
PCQFBW49FN4RCVP6
x-amz-cf-pop
SIN2-P2
etag
W/"9bb0618c91746ad73fe92abe83c168d2"
age
132973
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
SIqBQO0iOvTrr9GGlxBImVo6kxIQaE4441g0rhGo81ZRFYoKnvrNSg==
x-amz-id-2
xTiCDjVJB0H5yPEaVzhbcqMtBy6zDAKgrJVu5RFfrUw5FQVOShO3VaiM4qmZHD9a7Kbyla3bTN0=
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cres&cb=1677574386154
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.146.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-146-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
log
hblg.media.net/ Frame 48C2 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lper=1&itypeid=17&itype=ADX&cc=AU&cid=8CU3SX34C&reqid=j7hxGzskAaiNpZ82-8ECFw&vid=j7hxGzskAaiNpZ82-8ECFw&dn=file.io&rawDn=file.io&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NSW&ct=beaconsfield&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-568b4566f8-vr5cq.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=54203&sckfl=1&suid=CAESEMi38fk9u0k9n--ZiXm1H9I&smbrid=adx-unknown&usp_status=0&usp_enf=1&gqid=AGJvdddXYV0DKLggm05MMzF35EAhVIeebn0cwOjrmLmUFeNcvXaCDWfDZJs1a4iMGguCPWXL&pexid=ADX-pub-5781531207509232&geoll=false&is_ortb=false&s_ip=172.253.211.1&s_city=singapore&commit_id=af8d5bf8&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-02-27+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=AU&ipcc=AU&rtttime=54&pvid=313&prvAccId=266701947&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=529820104&prspt=headerBid&prvReqId=40817889751342_1506373200_52982010413131&reqsize=970x250&size=970x250&chnl=HARMONY&bdp=0.270&cbdp=0.251&og_cbdp=0.270&ogbdp=0.27&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.251&dt=O&dbf=1&epc=266701947&s=1&snm=SUCCESS&pcrid=8CUABW64L-266701947-9-5&tpbTkn=false&exid=31&bidflr=0.250&pbidflr=0.250&opbidflr=0.250&spbf=0&viewability=87&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1677574383333&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.27&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080812610100970025000000500&strg=HARMONY&vls=0&scrid=1700080812610100970025000000500&mang=1&pvdTmax=251&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=3&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250%7C728x90%7C970x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=bca7e990d9&acid=5ce40aab538a4786b751c5363e4061f0&rtime=15.0&wsip=mowx-istio-69c8b887cf-j9b2b&ltime=41.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=1730059992&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=5ce40aab538a4786b751c5363e4061f0_1&policy_enf=2&pub_blk_enf=1&renderer=1&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=j7hxGzskAaiNpZ82-8ECFw&supplyTagId=1730059992&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=43&debug_ts=2023-02-28+08%3A53%3A03&__expireat=1677574983592&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.27~vw_exc%3D0.87~vis_sd%3D674~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023022802~iurl_b%3D939.33~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.53~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D14~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023022802~vis_b%3D903.62~url_b%3D1.06~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.27~vl2r_url_kc%3D0E0~MFB%3D1p~bm%3D1~sid%3D266701947~sd%3D1~uid%3D1HeXw59pz6InZJSibu~btd%3D68618591741009420494398736938116074500286734940189823240203961971987548942990424811394355426562048~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.44~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D66.62~vurl_l%3D20~CI%3D2857~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.7~isif%3D0~lc%3D3~bid%3D0.27~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.251%7Edmm%3Dharmony%7Esuid%3DCAESEMi38fk9u0k9n--ZiXm1H9I%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5781531207509232%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D1730059992%7Esobp%3D%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.250%7Eogbid%3D0.270%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D5%7Edogb%3D0-1~ibc%3D1~nsz%3D3~tgs%3D300x250%7C728x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D251&utime=1748&sf=0&cpr=0.15125534035854749&evttyp=1
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 28 Feb 2023 08:53:06 GMT
match
c1.adform.net/serving/cookie/ Frame 8FC6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 28 Feb 2023 08:53:07 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 28 Feb 2023 08:53:07 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame ACE7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&gdpr=0&gdpr_consent=
42 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 28 Feb 2023 08:53:06 GMT
Expires
Tue, 28 Feb 2023 08:53:05 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 530 4e92630 master hkg-pixel-x25 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame E8C7 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame AF10
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z4guka8daqi
1 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z4guka8daqi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Tue, 28 Feb 2023 08:53:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z4guka8daqi
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
simage2.pubmatic.com/AdServer/ Frame 0D86
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2232052228606262905&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2232052228606262905&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
cc5044f5-9ab6-4253-8822-55bb20ae6db5
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Feb 2023 08:53:06 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2232052228606262905&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame E67D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 28 Feb 2023 08:53:06 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync.aspx
dis.criteo.com/dis/ Frame 6D8F 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 08:53:06 GMT
expires
Tue, 28 Feb 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
341963
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame BE4A
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=fWuDUWmLADmKn_K38sD9Yw
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=fWuDUWmLADmKn_K38sD9Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=fWuDUWmLADmKn_K38sD9Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 40F8 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Feb 2023 08:53:06 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame BB91
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FP5VWlQDQ_RIo6JutjmBBa310bc&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FP5VWlQDQ_RIo6JutjmBBa310bc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Feb 2023 08:53:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FP5VWlQDQ_RIo6JutjmBBa310bc&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 539A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KKmDOEu6StuXrfPmm9C3PA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=151663
accept-ranges
bytes
content-length
5554
expires
Thu, 02 Mar 2023 03:00:49 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 539A
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI4QTk4MzM4LTRCQkEtNEFEQi05N0FELUYzRTY5QkQwQjczQxAAGg0I8oH3nwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=68f10b3551911bae29faa9333c6cfda931df49795d9a724c3cca24dd45e0bc5b791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2OGYxMGIzNTUxOTExYmFlMjlmYWE5MzMzYzZjZmRhOTMxZGY0OTc5NWQ5YTcyNGMzY2NhMjRkZDQ1ZTBiYzViNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2OGYxMGIzNTUxOTExYmFlMjlmYWE5MzMzYzZjZmRhOTMxZGY0OTc5NWQ5YTcyNGMzY2NhMjRkZDQ1ZTBiYzViNzkxNDI2YjU0MTdkY2UyMRAAGgwI84H3nwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=18d3523a-39c1-41b5-9fa4-9f70142aa2a5
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=18d3523a-39c1-41b5-9fa4-9f70142aa2a5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=18d3523a-39c1-41b5-9fa4-9f70142aa2a5
date
Tue, 28 Feb 2023 08:53:08 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
info2
uipapac.semasio.net/pubmatic/1/ Frame 539A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:05 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjhBOTgzMzgtNEJCQS00QURCLTk3QUQtRjNFNjlCRDBCNzND&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECQpWwGK8we5swoDigJj2uo&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECQpWwGK8we5swoDigJj2uo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECQpWwGK8we5swoDigJj2uo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 28 Feb 2023 08:53:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Feb 2023 08:53:06 GMT
28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 539A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/28A98338-4BBA-4ADB-97AD-F3E69BD0B73C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.118.83 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-118-83.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uXSNbSFE2uV7EVmefTKiTKlnhvSm9bw-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uXSNbSFE2uV7EVmefTKiTKlnhvSm9bw-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uXSNbSFE2uV7EVmefTKiTKlnhvSm9bw-~A&gdpr=0
date
Tue, 28 Feb 2023 08:53:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2639514138855315857
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2639514138855315857
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2639514138855315857
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c84aa6cb-8484-449c-a750-36a04708661a
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c84aa6cb-8484-449c-a750-36a04708661a
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5f42af90-601d-4f37-ba5c-e1fab58fd967&user_group=1&ssp=pubmatic&bsw_param=c84aa6cb-8484-449c-a750-36a04708661a
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d719f6e3-4709-4897-81df-6dc1be3a6813&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d719f6e3-4709-4897-81df-6dc1be3a6813&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d719f6e3-4709-4897-81df-6dc1be3a6813&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 28 Feb 2023 08:53:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1311e923c658228f&is_secure=true&networkId=17100&version=1&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxxFPkG3zwMpRZd4AAAAAAA&expiration=1677660786&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&...
42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxxFPkG3zwMpRZd4AAAAAAA&expiration=1677660786&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxxFPkG3zwMpRZd4AAAAAAA&expiration=1677660786&nuid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8319086899214976091&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8319086899214976091&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8319086899214976091&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 539A
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2232052228606262905
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2232052228606262905
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 28 Feb 2023 08:53:07 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e108b3f3-e886-43e6-9c8a-4dc2fe983927
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2232052228606262905
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log
hblg.media.net/ Frame CADB 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lper=1&itypeid=17&itype=ADX&cc=AU&cid=8CU3SX34C&reqid=W-vGZZIsMh0FeQaQJtggwQ&vid=W-vGZZIsMh0FeQaQJtggwQ&dn=file.io&rawDn=file.io&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NSW&ct=beaconsfield&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-568b4566f8-gfnq7.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=54203&sckfl=1&suid=CAESEDgsu2TTW37G2c8HYKVEcwQ&smbrid=adx-unknown&usp_status=0&usp_enf=1&gqid=AGJvddewPcC81UQ9DNKrYWw-wOX471hpHQYARsTbo84k-24_m8m0K6ro2zNLSaibP4YsxSlA&pexid=ADX-pub-5781531207509232&geoll=false&is_ortb=false&s_ip=74.125.190.138&s_city=singapore&commit_id=af8d5bf8&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-02-27+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=AU&ipcc=AU&rtttime=51&pvid=313&prvAccId=266701947&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=529820104&prspt=headerBid&prvReqId=25551993851981_995920787_52982010413131&reqsize=970x250&size=970x250&chnl=smm_migration_test&bdp=0.260&cbdp=0.26&og_cbdp=0.260&ogbdp=0.26&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.26&dt=O&dbf=1&epc=266701947&s=1&snm=SUCCESS&pcrid=8CUABW64L-266701947-9-28&tpbTkn=false&exid=31&bidflr=0.250&pbidflr=0.250&opbidflr=0.250&spbf=0&viewability=86&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1677574382910&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.26&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080812610100970025000000500&strg=smm_migration_test&vls=0&scrid=1700080812610100970025000000500&mang=1&pvdTmax=252&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250%7C336x280%7C728x90%7C970x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=bca7e990d9&acid=d8c76fc2ab044ee4a0eed077fcfb837e&rtime=29.0&wsip=mowx-istio-69c8b887cf-zzfpc&ltime=44.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1682134090&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=d8c76fc2ab044ee4a0eed077fcfb837e_1&policy_enf=2&pub_blk_enf=1&renderer=1&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=W-vGZZIsMh0FeQaQJtggwQ&supplyTagId=1682134090&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=45&debug_ts=2023-02-28+08%3A53%3A02&__expireat=1677574983163&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.26~vw_exc%3D0.86~smm_bid%3D0.26~vis_sd%3D674~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023022802~iurl_b%3D939.33~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.53~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D17~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023022802~vis_b%3D890.54~url_b%3D1.06~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D17.3836~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~smm_mul%3D1~l2r_b%3D1000~erpm%3D0.26~vl2r_url_kc%3D0E0~MFB%3DB~bm%3D1.05~smm_sd%3D2023022720~sid%3D266701947~sd%3D1~uid%3D1HeXvCo39qb6aUog8t~btd%3D68618591772838107683910631739801611482562650682741448805103037155055913736223142519613175922757632~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.44~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D66.62~vurl_l%3D20~CI%3D2857~nts%3D4~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.7~isif%3D0~lc%3D3~bid%3D0.26~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.86%7Eamp%3D1%7Ecbdp%3D0.260%7Edmm%3Dsmm_migration_test%7Esuid%3DCAESEDgsu2TTW37G2c8HYKVEcwQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5781531207509232%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D1682134090%7Esobp%3D%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.250%7Eogbid%3D0.260%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~nsz%3D4~tgs%3D300x250%7C336x280%7C728x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D252&utime=2134&sf=0&cpr=0.5829219715950249&evttyp=1
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 28 Feb 2023 08:53:06 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 08:53:07 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 08:53:07 GMT
server
ATS/9.1.10.25
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:07 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.72.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-72-97.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2c1a4aec2edae0486c2611cad42d767c21ed34e76440688729a719829352ddb8

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
content-encoding
gzip
x-prebid
pbs-java/1.112.0
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7dfee276e666c549c181fc2d4309c69a4173a53e89412ffde148f041bca8f517

Request headers

Referer
https://www.file.io/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 08:53:07 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
84
prebid
prebid.media.net/rtb/ 		276 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU322PTV
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb7038bb8255c509f069f615d0fda9413e51f6f937cf1017918e8efceecdb953

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:06 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
alt-svc
clear
expires
Tue, 28 Feb 2023 08:53:06 GMT
async_usersync
ib.adnxs.com/ Frame 04A0 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
AN-X-Request-Uuid
b687ee0c-dd98-4ab3-86d1-c5e232823c6a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bqi.php
lg3.media.net/ Frame CADB 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3187&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_itype_id=17&vgd_l2type=scs_newfl&pid=8PO15GP54&vgd_bid=337525&katbid=-103&katen=1&cme=P0oQ0Jz_fZe6zBfgi2dTWTMIheedJOPBuYAiXcVaKAb-emJVGkoDDHkK2qHmJ-RwPYmaKlOSiM4d9pvrxKW3UiZMdYCboyjRDFa_l4jZbcCv22q17LSVG54YqIQumbR4vsdCCALwWWl-KfD051bp1rujoy_ySoKo_tnW2ESD6HPs_eMQEK7kIYMx7O5p4BqStqBSp2jY-zjMC7W6KU9E4POWKD2kmm_HqeDEofle37kgZz6_96Dngg==||jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|WGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U=|a0AmFUYXmD7_pTiXo69EBJEOGGyf-ChDFRZKExw-SKxGHLgk7x378X50AJmGaYxjz6AIg3mJtCM=|QRCjDhs14bwUibF8nO5IzuEe6z6hmLYNpYqQSkemxLa_gkLIEq90kLdR_8n4W_EdvDYPNBhR4N7_W95Of0ctyrTcSpHuZ0M7sH8u54-x9jEIS-5CBsbgq1YbbgwGAuNWkQHWsQULK1bpUjUtPq1KGWj9aBiz-P1PBEGSwTbmCBKIpd4UI11bPlAgvkUrIhKXMEjvOWWAaZTF09qRE8mSezoJHc1uLLz1VAnqgG8IvAqWFxRFTerpAqkIrOl__HdTE_u7kGAXnGk=|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=266701947&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&vi=1677574384967697800&ugd=4&cc=AU&sc=NSW&bdrid=313&subBdr=196&startTime=1677574385024&vgd_l1rakh=1677574384139623731&l1ch=1&buid=337525&tsrc=entity&sttm=1677574385032&upk=1677574385.12764&hvsid=00001677574385032029185683759810&acid=d8c76fc2ab044ee4a0eed077fcfb837e&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.26~vw_exc%3D0.86~smm_bid%3D0.26~vis_sd%3D674~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023022802~iurl_b%3D939.33~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.53~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D17~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023022802~vis_b%3D890.54~url_b%3D1.06~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D17.3836~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~smm_mul%3D1~l2r_b%3D1000~erpm%3D0.26~vl2r_url_kc%3D0E0~MFB%3DB~bm%3D1.05~smm_sd%3D2023022720~sid%3D266701947~sd%3D1~uid%3D1HeXvCo39qb6aUog8t~btd%3D68618591772838107683910631739801611482562650682741448805103037155055913736223142519613175922757632~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.44~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D66.62~vurl_l%3D20~CI%3D2857~nts%3D4~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.7~isif%3D0~lc%3D3~bid%3D0.26~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.86%7Eamp%3D1%7Ecbdp%3D0.260%7Edmm%3Dsmm_migration_test%7Esuid%3DCAESEDgsu2TTW37G2c8HYKVEcwQ%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5781531207509232%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D1682134090%7Esobp%3D%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.250%7Eogbid%3D0.260%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Esmm_api%3Dv1~ibc%3D1~nsz%3D4~tgs%3D300x250%7C336x280%7C728x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D252&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&infr=1&twna=1&stime=1677574383596&vgd_ecrid=1700080812610100970025000000500&l1hcsd=l1!Sg05m|1310&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&bid=337525&vgd_pgid=p01248961291t202302280853&vgd_pgids=1
Requested by
Host: edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
URL: https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 28 Feb 2023 08:53:06 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 28 Feb 2023 08:53:06 GMT
async_usersync
ib.adnxs.com/ Frame 6D53 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
AN-X-Request-Uuid
58db260e-5866-4bcc-9f5c-79cccfb74c2d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 018B 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:06 GMT
AN-X-Request-Uuid
4efa938e-8195-4b9d-ba3c-9bb785d7ac31
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.183; 173.245.209.183; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bqi.php
lg3.media.net/ Frame 48C2 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3077&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_itype_id=17&vgd_l2type=scs_newfl&pid=8PO15GP54&vgd_bid=337936&katen=1&katbid=-103&cme=IfqTx2r5vgYW4C_TmCK3H-e7R1QEEXzDOml0x8uzHAJMYb9MQTJN4FSmVuV68FWPWxvH5OJW3OLixS7_aCQ6e1ti2z2gdRstZ9tlDF8ggCaX3OzQUD_NCyYRd2p5rIK2CEDnO8ICFtYHyKM7Mr23X4VWJTFheH19EpX69K_2YIetKB9AoIaeWeoTIviV1q-6IGHoWbytUYBcWSmxZz_m1CFElXW_OHfxKsbRKsAi6fPNRRGviDRIfA==||7Csc44TlR7WGVt7Y440heh8_aZFHrmKFh2W7rcbQ7fVzYMGEZZo6m5IkB7sl5c-40pxMr_icg1fpmftxoiUazdTaJRQI2HfzQJlZUg8B--5zpHGB2JHclAxNV71JKdK-ShmHSHJsxa2xMuQRG4AimrAK-QHPWNPJTrS3haiz7cpQtBjxWsx0njRZCdrQv8ylYKpmCbtWAqmui_TFazCiCUknpKRXwkDMDd6rLo-xtnW1KhEa-o_t1CMf6zKQG8yj|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|a0AmFUYXmD7_pTiXo69EBJEOGGyf-ChDFRZKExw-SKxGHLgk7x378X50AJmGaYxjz6AIg3mJtCM=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=266701947&requrl=https%3A%2F%2Fwww.file.io%2Fk5O8%2Fdownload%2F0hpSPhnEIKmH&vi=1677574384870591736&ugd=4&cc=AU&sc=NSW&bdrid=313&subBdr=196&startTime=1677574385064&vgd_l1rakh=1677574384160676083&l1ch=1&buid=337936&tsrc=entity&sttm=1677574385069&upk=1677574385.12239&hvsid=00001677574385069029185683753044&acid=5ce40aab538a4786b751c5363e4061f0&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.27~vw_exc%3D0.87~vis_sd%3D674~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023022802~iurl_b%3D939.33~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.53~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D14~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023022802~vis_b%3D903.62~url_b%3D1.06~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.27~vl2r_url_kc%3D0E0~MFB%3D1p~bm%3D1~sid%3D266701947~sd%3D1~uid%3D1HeXw59pz6InZJSibu~btd%3D68618591741009420494398736938116074500286734940189823240203961971987548942990424811394355426562048~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.44~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D66.62~vurl_l%3D20~CI%3D2857~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.7~isif%3D0~lc%3D3~bid%3D0.27~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.251%7Edmm%3Dharmony%7Esuid%3DCAESEMi38fk9u0k9n--ZiXm1H9I%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5781531207509232%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D1730059992%7Esobp%3D%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.250%7Eogbid%3D0.270%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D5%7Edogb%3D0-1~ibc%3D1~nsz%3D3~tgs%3D300x250%7C728x90%7C970x250~bsb%3D0~bsp%3D0~tmx%3D251&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&infr=1&twna=1&stime=1677574383985&vgd_ecrid=1700080812610100970025000000500&l1hcsd=l1!Sg05m|1310&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&bid=337936&vgd_pgid=p01248961291t202302280853&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 28 Feb 2023 08:53:06 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 28 Feb 2023 08:53:06 GMT
258.json
id5-sync.com/g/v2/ 		462 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
221f132dd4539391affb63b72242b6a52b2c1ea5962529f3e15581e788eebd5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame 6F33 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
13da6faaa8f77dd5c0578c09f27badc3db3c70439f7abd3e58cb9729d7fda155

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 08:28:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84901
Connection
keep-alive
Content-Length
10006
Expires
Wed, 01 Mar 2023 08:28:08 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 17B2 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=49&key=4514567127434089773&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:07 GMT
content-length
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 17B2 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
/
rtb-csync.smartadserver.com/redir/ Frame 17B2
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=8056245095
  • https://sync.1rx.io/usersync/turn/8463202087290831963?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-cff0e259-a...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
date
Tue, 28 Feb 2023 08:53:08 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcff0e259afb448069f1adf8852f381ea004
content-type
text/html
v1
match.sharethrough.com/sync/ Frame 17B2
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4514567127434089773&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4514567127434089773&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
H2
Server
18.141.61.240 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-61-240.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4514567127434089773&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 17B2
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07010001_63fdc0f363178&gdpr=0&gdpr_consent=
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07010001_63fdc0f363178&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Tue, 28 Feb 2023 08:53:06 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07010001_63fdc0f363178&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
cookiesyncendpoint
sync.aniview.com/ Frame 6F33
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LEO0H573-K-DZ53
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LEO0H573-K-DZ53
0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LEO0H573-K-DZ53
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:08 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LEO0H573-K-DZ53
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk4N2NkNzQxMmFlOWJkMWI5MzAzMDJiZGUwODIzNTk1NGQ0OTZjZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk4N2NkNzQxMmFlOWJkMWI5MzAzMDJiZGUwODIzNTk1NGQ0OTZjZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzk4N2NkNzQxMmFlOWJkMWI5MzAzMDJiZGUwODIzNTk1NGQ0OTZjZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6F33 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0XWG52NZMSPCRD7K69JY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 6F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEO0H573-K-DZ53
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEO0H573-K-DZ53
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 33B030DE5D65439F8D44DD2914235238 Ref B: SYD03EDGE0911 Ref C: 2023-02-28T08:53:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1vrl/fRI368k+KF5IOw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEO0H573-K-DZ53
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5FA_FZU-SCQxtOIkTm3hZw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.rITZGBE2oILxredgvGlgoxb5NYPLv0in2d9uw--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.rITZGBE2oILxredgvGlgoxb5NYPLv0in2d9uw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 28 Feb 2023 08:53:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.rITZGBE2oILxredgvGlgoxb5NYPLv0in2d9uw--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6F33
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sreiVlzWQOa0GoEFwLzcAg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sreiVlzWQOa0GoEFwLzcAg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sreiVlzWQOa0GoEFwLzcAg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 08:53:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCZCRV7RRS79MY1PEDME
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sreiVlzWQOa0GoEFwLzcAg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6F33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMhSV4uLXSlGq28vdPz8WgA&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMhSV4uLXSlGq28vdPz8WgA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMhSV4uLXSlGq28vdPz8WgA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPMEg1NzMtSy1EWjUz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPMEg1NzMtSy1EWjUz
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H3
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPMEg1NzMtSy1EWjUz
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6F33
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=584b7180-a046-4cd5-8ae1-87ccc771fabd&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
activeview
pagead2.googlesyndication.com/pcs/ Frame 48C2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPVljO84c_q6XIsqkasOJaK_5YBPyR3Ydw698CJDRopx6b9ZLruIgv2xtFVyzXaBoQC5vVHPtbyRQ8Yu9-Y3iyZol3&sig=Cg0ArKJSzObFNbCOrOChEAE&cid=CAASFeRoQcbfddiQKVeC9_NPCd0kdEJfoQ&id=lidar2&mcvt=1000&p=138,315,392,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1730059992&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677574383755&rpt=3006&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CADB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoiwNnClJ6jAmY_YrBNO93t5CxN9tsBB9pEWEP41tQnyudRkvi-b1-DfYzWKqI9KbAlTyrxdZVeWSioMwkH1FRTIeb&sig=Cg0ArKJSzMtUXw4eMlmQEAE&cid=CAASFeRoV3VgvBdYKIoqA0epgeKIaetpuQ&id=lidar2&mcvt=1000&p=868,315,1122,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1682134090&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677574383351&rpt=3653&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 539A 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 271F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62419059&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f84ccb0ee105f2d32746eea84d27c59d592bab0312e372f3727d03529c850e4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 08:53:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame FD45 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26374791&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6f59938b911631effe7d5b9fe53b57eb9fbd9ea9a5b955ffa562f5bc1e986d1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Feb 2023 08:53:09 GMT
content-length
1927
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 1000
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qylv6hrey6w
42 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qylv6hrey6w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 28 Feb 2023 08:49:27 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qylv6hrey6w
lws
121
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
pxd
dps.jp.cinarra.com/ Frame 4E85 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.222.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-222-83.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Tue, 28 Feb 2023 08:53:09 GMT
cm
ipac.ctnsnet.com/int/ Frame 8D8F 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 28 Feb 2023 08:53:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 51C3
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=36772c707e78438fa34f3aabd6fe7226
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=36772c707e78438fa34f3aabd6fe7226
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 28 Feb 2023 08:53:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=36772c707e78438fa34f3aabd6fe7226
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame 9592
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0QW865Dy1PwVJr5&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0QW865Dy1PwVJr5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Feb 2023 08:53:09 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0QW865Dy1PwVJr5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-02e88b8c5f9f5616f@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A32A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Tue, 28 Feb 2023 08:53:09 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
Pug
simage2.pubmatic.com/AdServer/ Frame B25F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5669144735
  • https://sync.1rx.io/usersync/tradedesk/584b7180-a046-4cd5-8ae1-87ccc771fabd
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 28 Feb 2023 08:53:09 GMT
etag
RXcff0e259afb448069f1adf8852f381ea004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
i.match
a.tribalfusion.com/ Frame 22F5 		43 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7a07ed9aac846a48-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame 818C 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Feb 2023 08:53:10 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-83e0e18b5b1e@version_1.536v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame BB81
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 28 Feb 2023 08:53:09 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
141
match.deepintent.com/usersync/ Frame F1D8 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:09 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 8CAA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 28 Feb 2023 08:53:08 GMT
expires
Mon, 27 Feb 2023 08:53:08 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
qmap
sync.crwdcntrl.net/ Frame 271F
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
13.215.75.8 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-75-8.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.18.233
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.21.218
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 271F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ad8c10d8-b6db-4dd7-99cb-49b5b0175507%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=ad8c10d8-b6db-4dd7-99cb-49b5b0175507%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=ad8c10d8-b6db-4dd7-99cb-49b5b0175507%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=ad8c10d8-b6db-4dd7-99cb-49b5b0175507%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame FD45
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
13.215.75.8 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-75-8.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.16.192
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.30.97
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FD45
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5bb540ba-bae3-4490-83db-c0160ab86cdb%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=5bb540ba-bae3-4490-83db-c0160ab86cdb%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=5bb540ba-bae3-4490-83db-c0160ab86cdb%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=584b7180-a046-4cd5-8ae1-87ccc771fabd&ttd_puid=5bb540ba-bae3-4490-83db-c0160ab86cdb%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
Pug
image2.pubmatic.com/AdServer/ Frame 37DF
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1o88ly04fojq
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1o88ly04fojq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 28 Feb 2023 08:53:09 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1o88ly04fojq
lws
38
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
pxd
dps.jp.cinarra.com/ Frame EFE0 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.222.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-222-83.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Tue, 28 Feb 2023 08:53:10 GMT
cm
ipac.ctnsnet.com/int/ Frame 6EAA 		43 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 28 Feb 2023 08:53:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame DB39
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2cd58b283f3c41838605f8e6854adae5
42 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2cd58b283f3c41838605f8e6854adae5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 28 Feb 2023 08:53:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2cd58b283f3c41838605f8e6854adae5
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame EDA5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:91bFP8dB1PwVJr5&gdpr=0&gdpr_consent=
42 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:91bFP8dB1PwVJr5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Feb 2023 08:53:09 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:91bFP8dB1PwVJr5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-01530317849a78967@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6189
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Tue, 28 Feb 2023 08:53:09 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=533dcdb0-b745-11ed-8842-cf97ea757811
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
sync.targeting.unrulymedia.com/csync/ Frame 4899
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8440104494
  • https://sync.1rx.io/usersync/tradedesk/584b7180-a046-4cd5-8ae1-87ccc771fabd
  • https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.40.73.5 Queenstown Estate, Singapore, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
43
date
Tue, 28 Feb 2023 08:53:09 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 28 Feb 2023 08:53:09 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
pragma
no-cache
i.match
a.tribalfusion.com/ Frame D41E 		43 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7a07ed9c6a9eaaff-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 28 Feb 2023 08:53:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame F99D 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Feb 2023 08:53:10 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-8f2dc288cc16@version_1.536v2
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 2418
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 28 Feb 2023 08:53:09 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesyncendpoint
sync.aniview.com/ Frame D8C6 		0
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1677574385232-939013850577-001196-000-008171&biddername=1&key=28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.104.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-104-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:09 GMT
avpb7.36.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame A37C 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a2.js
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
6f5f87f94d55b0e001f3e238ef216f9082c3a27c163e85a34cb309d515f9bed9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:09 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 07:09:49 GMT
etag
"1677568189"
x-hw
1677574389.dop207.sj3.t,1677574389.cds103.sj3.hn,1677574389.cds220.sj3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
20166
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=0&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=7574389153
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
189
expires
Thu, 01 Jan 1970 00:00:00 GMT
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
228 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=0&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=1.35&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=7574389154
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
189
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
358 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583018&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.225.91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-225-91.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
1196579
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AU&cos=Windows&r=www.file.io&rs=www.file.io&sid=80934&t=1677574385&cip=173.245.209.183&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=1&d64=d0372876801fd44b3ee9d1cdc899bf6e&d63=d0372876801fd44b3ee9d1cdc899bf6e&aafaid=&proto=https&uid=1677574385232-939013850577-001196-000-008171&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.85&cb=20007358778&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=173.245.209.183&cd18=-33.89790&cd17=151.18970&d9=0000&d37=realtime&pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1677574389155&asid=637b7eaa93283f4fba7e40c8%2C63ca668fc59e20cf6801d2f2%2C633be2470cbd4b48090dc596%2C5ff87336239c6c7fd600e1b5%2C5ffffc9e712b1564036ba7e2&ofpr=%2C0.49%2C%2C0.49%2C0.49&fpo=%2C%2C%2C%2C&ri=%2C%2C%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.57.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-57-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AU&cos=Windows&r=www.file.io&rs=www.file.io&sid=80934&t=1677574385&cip=173.245.209.183&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=1&d64=d0372876801fd44b3ee9d1cdc899bf6e&d63=d0372876801fd44b3ee9d1cdc899bf6e&aafaid=&proto=https&uid=1677574385232-939013850577-001196-000-008171&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.85&cb=20007358778&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=173.245.209.183&cd18=-33.89790&cd17=151.18970&d9=0000&d37=realtime&pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1677574389155&asid=6245a97f138a392b6f34aeb8%2C624c0a0dc3ddce30871b2de4%2C63a1ca4ca1fcfb996304f029%2C62e3ca7e498748c593005cc4&ofpr=%2C0.72%2C1.35%2C&fpo=%2C%2C%2C&ri=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.57.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-57-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.40.73.4 Queenstown Estate, Singapore, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 28 Feb 2023 08:53:09 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Feb 2023 08:53:09 GMT
server
ATS/9.1.10.25
unruly_prebid
targeting.unrulymedia.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.40.73.4 Queenstown Estate, Singapore, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.file.io
pragma
no-cache
date
Tue, 28 Feb 2023 08:53:10 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.72.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-72-97.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
dc0937cff5ac7c1c593ac85e6c8e92a7357c5abe88523c2c21bc9a2be91b69f1

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 08:53:09 GMT
content-encoding
gzip
x-prebid
pbs-java/1.112.0
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fb8e5134431e53290e82ebacf3f3744bc7eaba86ce12756e6201bfacad6de233

Request headers

Referer
https://www.file.io/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Feb 2023 08:53:09 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
84
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/ Frame A37C 		0
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=AU&cos=Windows&r=www.file.io&rs=www.file.io&sid=80934&t=1677574385&cip=173.245.209.183&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=1&d64=d0372876801fd44b3ee9d1cdc899bf6e&d63=d0372876801fd44b3ee9d1cdc899bf6e&aafaid=&proto=https&uid=1677574385232-939013850577-001196-000-008171&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.85&cb=20007358778&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=173.245.209.183&cd18=-33.89790&cd17=151.18970&d9=0000&d37=realtime&pt=2&cmid=&cwid=&cvid=63f7530d2bdf8c59ab0dcf13&AV_WIDTH=440&AV_HEIGHT=247
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.57.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-57-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 08:53:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 3782 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Feb 2023 08:53:09 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame A56C 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU322PTV&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
12aaa250aa8bbb4ca5674438d0bb84ffd10c3ce1cc3fa102aa9126418b9033d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9348
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 08:53:09 GMT
expires
Thu, 02 Mar 2023 08:53:09 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8717 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: www.file.io
URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151660
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 28 Feb 2023 08:53:09 GMT
expires
Thu, 02 Mar 2023 03:00:49 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 3782 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
13da6faaa8f77dd5c0578c09f27badc3db3c70439f7abd3e58cb9729d7fda155

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 08:53:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 08:28:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84898
Connection
keep-alive
Content-Length
10006
Expires
Wed, 01 Mar 2023 08:28:08 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
db1ab08d6b6b6e24f2cd0e2dcec7dfffa34950c4f08b04c986949c1a9aa51fc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Tue, 28 Feb 2023 08:53:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
258.json
id5-sync.com/g/v2/ 		455 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
113ebea460e780d8163e27f41ec3dfe7a0e0266ad9802b6a4bbebd7046fb074f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Feb 2023 08:53:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
SPug
simage4.pubmatic.com/AdServer/ Frame 271F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame FD45 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160993&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677574385232-939013850577-001196-000-008171%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:53:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8717 		348 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11806606&p=161335&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
101777c6f6adc8a6bcef784029049af8b77d05431698e4aefcc91fb396857968

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Feb 2023 08:53:13 GMT
content-length
348
content-type
text/html; charset=UTF-8
141
match.deepintent.com/usersync/ Frame F638 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Tue, 28 Feb 2023 08:53:12 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 6D6A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
1 B
58 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Feb 2023 08:53:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 28 Feb 2023 08:53:13 GMT
expires
Mon, 27 Feb 2023 08:53:13 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A2E14E2036624C24BE16D1DBBBD8569C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
SPug
simage4.pubmatic.com/AdServer/ Frame 8717 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161335&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| credentialless string| GoogleAnalyticsObject function| ga string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| __LOADABLE_LOADED_CHUNKS__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate number| gatsby_scroll_offset number| gatsby_scroll_duration object| __vm_add object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet object| __VM function| ym object| googletag object| ggeac boolean| google_plmetrics object| google_js_reporting_queue object| sas object| apntag object| _ADAGIO object| aniviewRenderer undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| Ya object| yaCounter90916604 object| aniplayerPos object| GoogleGcLKhOms object| com function| _avcp object| storageAni object| google_image_requests

198 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ1dvmuekwCgoIgQIQ1dvmuekwCgoI4gEQ1dvmuekwCgoI5gEQ1dvmuekwCgoIhwIQ1dvmuekwCgkICRDV2-a56TAKCQg6ENXb5rnpMAoKCIwCENXb5rnpMAoJCF8Q1dvmuekwCgkIHxDV2-a56TA=
.file.io/ Name: _ga
Value: GA1.2.1616842533.1677574378
.file.io/ Name: _gid
Value: GA1.2.899631946.1677574378
.file.io/ Name: _gat
Value: 1
www.file.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: uuid2
Value: 2232052228606262905
.omnitagjs.com/ Name: ayl_visitor
Value: 73be704cf72d2a77100e2e959b3ac1f5
.go.sonobi.com/ Name: __uis
Value: 8a30bdcf-c3f8-4df9-86fb-30348e4f56bc
.go.sonobi.com/ Name: _usd_file.io
Value: 8652c3d7-c6f1-4e84-b05b-cff429e00190
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_yh
Value: 1
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.adnxs.com/ Name: icu
Value: ChkInZeIARAKGAIgAigCMO2B958GOAJAAkgCEO2B958GGAE.
.yahoo.com/ Name: A3
Value: d=AQABBO3A_WMCEM6Hje0genXRPJuQdN-dqDcFEgEBAQES_2MHZAAAAAAA_eMAAA&S=AQAAAinYXsgUvpXZvMPPBqqeUAc
.prebid.a-mo.net/ Name: __amc
Value: 1_1677574381_1677574381
.a-mo.net/ Name: amuid2
Value: 528dcc40-afc2-47e6-a469-3a68e3c2c7e9
.prebid.a-mo.net/ Name: sd_amuid2
Value: 528dcc40-afc2-47e6-a469-3a68e3c2c7e9
.go.sonobi.com/ Name: HAPLB3A
Value: s3550|Y/3A8
.360yield.com/ Name: tuuid
Value: 6b4fd46d-e7fe-44bc-ba78-f197c33ed5fb
.360yield.com/ Name: tuuid_lu
Value: 1677574382
.file.io/ Name: _ym_uid
Value: 1677574382721367189
.file.io/ Name: _ym_d
Value: 1677574382
.file.io/ Name: __gads
Value: ID=c7dc29e9685967cf:T=1677574381:S=ALNI_MYdo4SzkloN7vTjLovWY8yUrq8dQw
.file.io/ Name: __gpi
Value: UID=00000bce201e176d:T=1677574381:RT=1677574381:S=ALNI_Mbr8cWPRsQXeNs0tLE5KMBfEdvKVQ
mc.yandex.ru/ Name: yabs-sid
Value: 277484721677574382
.yandex.ru/ Name: i
Value: lg2LVd4wtnoQFD2rXxsHoIjIrmHxxcooSjt9CaqoKXoxmbUUbejIwxhPQfp4P9oOeIxKxCXxZD+8v6eoLS6dELylWWI=
.yandex.ru/ Name: yandexuid
Value: 7067714081677574382
.yandex.ru/ Name: yuidss
Value: 7067714081677574382
.yandex.ru/ Name: ymex
Value: 1992934382.yc.1677574382#1992934382.yrts.1677574382#1992934382.yrtsi.1677574382
.file.io/ Name: _ym_isad
Value: 2
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 321135=5342933
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314363065%3B%24ql%3DHigh%3B%24qpc%3D2015%3B%24qt%3D164_988_186684t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 4514567127434089773
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314363065%3B%24ql%3DHigh%3B%24qpc%3D2015%3B%24qt%3D164_988_186684t%3B%24dma%3D0&c=1&l=243748762&lo=14613720&lt=638131711824417032&o=1
.doubleclick.net/ Name: IDE
Value: AHWqTUkiuIvsdykN6ckDtHnaoIESPtbqtAfk-TfYHfR9avVSTGRp1jergAzpUloZVFE
www.file.io/ Name: _lr_retry_request
Value: true
www.file.io/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: 584b7180-a046-4cd5-8ae1-87ccc771fabd
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.33across.com/ Name: check
Value: true
.3lift.com/ Name: tluid
Value: 3369387884448946755240
.contextweb.com/ Name: V
Value: iOr69mgMXzzW
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: eb96b585c4af8b58
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.bidswitch.net/ Name: c
Value: 1677574385
.mathtag.com/ Name: uuid
Value: 345463fd-c0f1-4500-9fc4-78b7daf0bb82
.media.net/ Name: visitor-id
Value: 3205759856837511000V10
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 0A3AC1F675FC69D013A5D330746C6817
.file.io/ Name: cto_bundle
Value: VNzNd19OdmZBWlFHMm94M09GMjdqaW94am1talBDUFhtUlVaRDE1clp3WGZhcDJycG5DRDZSUzBlU2xDRzZpJTJCWThHckRnJTJGbE5KQWR3ajIlMkY0ZGR2TmRrNjZmZXF2UHNiVEN5T2piSWw3QzNrTHdkNCUzRA
.file.io/ Name: cto_bidid
Value: up5Tm19yJTJGQmMwU2RSUkRuVXRpdWw0ZzNWQjBwZVZ5UHJTQUxQc3Y5Vnc4SW9NU2RCTmhzNWhsc2RaTml3eThudER3REIlMkZRclg3RjFLVENjR01VOSUyQiUyRlFEZDlRJTNEJTNE
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1j6r|7LJ.0.8a30bdcf-c3f8-4df9-86fb-30348e4f56bc|4is.0.CAESEAuMcMtcnuK_N3UYv4pklus
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.media.net/ Name: data-ttd
Value: 584b7180-a046-4cd5-8ae1-87ccc771fabd~~1
.media.net/ Name: data-g
Value: CAESEKCjsL-Dr9XhaqPRr7sTHk8~~6
.openx.net/ Name: i
Value: ae719f29-9ef9-4ef7-9026-2687ab6015e4|1677574385
.go.sonobi.com/ Name: __uin_td
Value: 584b7180-a046-4cd5-8ae1-87ccc771fabd
.linkedin.com/ Name: bcookie
Value: "v=2&74b1317e-2a45-4b78-829a-22a9a9a00b81"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2564:u=1:x=1:i=1677574385:t=1677660785:v=2:sig=AQEsar46xcT2BpAAxVNpyOlWXyyDreGO"
.sharethrough.com/ Name: stx_user_id
Value: cedc2b51-a529-4eb5-990e-2dc216ad066f
.go.sonobi.com/ Name: __uin_eb
Value: CAESEDmTT-FfFiG2ZHuhb_VcIe4||1
.go.sonobi.com/ Name: __uin_mm
Value: 345463fd-c0f1-4500-9fc4-78b7daf0bb82
.adingo.jp/ Name: ID
Value: 227d6c03e23bf7ccafa251f5289c6b3d
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.go.sonobi.com/ Name: __uin_yh
Value: y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
.lijit.com/ Name: ljt_reader
Value: GOzVCLZH5dv441RoTMe8YhTl
.ads.stickyadstv.com/ Name: UID
Value: 9f9a28502c69d4b73a91a4b1566c84b
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A9182664047325447741
.bidswitch.net/ Name: tuuid
Value: d719f6e3-4709-4897-81df-6dc1be3a6813
.bidswitch.net/ Name: tuuid_lu
Value: 1677574386
.send.microad.jp/ Name: TR
Value: 7a57f57dfd8f8f76086388e8ddd7e20927f934e256e6be8e
.go.sonobi.com/ Name: __uin_pp
Value: iOr69mgMXzzW
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: AydrP7jBgkL8iLpWdsvne-Y
fksnk.com/ Name: AWSALBCORS
Value: 5Xf6GY6SpjppqsihjNucsS1FP9qNPcTSHdXTOfsynqnvbco3e3zHBsP37E/+zgjMPZdXNZ3XJZvsd45NIA9aAt/azSVIJ9agT2XglLbveskRWH6matP2CScqTzJM
.fksnk.com/ Name: f_001
Value: 2A6918724B1B8AC0
.fksnk.com/ Name: g_001
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "196y~2a8w:1991~2a8w:18z8~2a8w"
.csync.loopme.me/ Name: viewer_token
Value: ce2f40bd-d059-45ed-98a2-5d4b6d219112
.aniview.com/ Name: 1_C_9
Value: 98aa423e813894639267394451cdb2e3
sync.aniview.com/ Name: 1_C_9
Value: 98aa423e813894639267394451cdb2e3
.aniview.com/ Name: 1_C_78
Value: y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A
sync.aniview.com/ Name: 1_C_78
Value: y-qznR0rxE2uHMYOaB.kVrL_bJNkOLkUQpNUib1MQ-~A
.aniview.com/ Name: 1_C_23
Value: 215f38da-3f4f-451c-9f93-5b724b110f2b
sync.aniview.com/ Name: 1_C_23
Value: 215f38da-3f4f-451c-9f93-5b724b110f2b
ads.playground.xyz/ Name: connect.sid
Value: s%3AauoSigmPXkaJsgl-BQiM3YeFm08lULxO.jtlBWWHgL7DOikSJBF2pgM7psZK%2Fwv0B5JPW7pieWmg
.adtdp.com/ Name: uid
Value: AYaXObMpss9ixBE7c4Q
.adtdp.com/ Name: dynid
Value: AYaXObMpss9ixBE7c4Q
.admixer.net/ Name: am-uid
Value: eee0cfdcad5548a7882e6996e87e0001
.dotomi.com/ Name: DotomiTest
Value: 1311e923c658228f
.aniview.com/ Name: aniC
Value: 1677574385232-939013850577-001196-000-008171
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-91884c5a-7b06-455f-5548-b9e7d5f3d3b8.AiwQn3PGjSj0oPdlBdI1%2BILyaypuvmXYdkPf05EHqlI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkYhMWnsGRV9VSLnn1fPTuK310bc.IunTkOzgndT%2FEDzMivGQsikn%2FHnix4O8aeR0d9gLUB8
.aniview.com/ Name: 1_C_56
Value: 0a4deedc-e5cf-4710-ae76-158c3fb84e3e
sync.aniview.com/ Name: 1_C_56
Value: 0a4deedc-e5cf-4710-ae76-158c3fb84e3e
.aniview.com/ Name: 1_C_18
Value: GOzVCLZH5dv441RoTMe8YhTl
sync.aniview.com/ Name: 1_C_18
Value: GOzVCLZH5dv441RoTMe8YhTl
.media.net/ Name: data-lop
Value: ce2f40bd-d059-45ed-98a2-5d4b6d219112~~1
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: z4guka8daqi
.quantserve.com/ Name: d
Value: ENsBCwGzKPijAA
.quantserve.com/ Name: mc
Value: 63fdc0f2-b3ad2-b443b-52d00
.c.appier.net/ Name: _auid
Value: fWuDUWmLADmKn_K38sD9Yw
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&KRTB&16736-uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&KRTB&23019-uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82&KRTB&23114-uid:345463fd-c0f1-4500-9fc4-78b7daf0bb82
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2232052228606262905&KRTB&23339-2232052228606262905
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-FP5VWlQDQ_RIo6JutjmBBa310bc&KRTB&23334-FP5VWlQDQ_RIo6JutjmBBa310bc&KRTB&23417-FP5VWlQDQ_RIo6JutjmBBa310bc&KRTB&23426-FP5VWlQDQ_RIo6JutjmBBa310bc
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-584b7180-a046-4cd5-8ae1-87ccc771fabd&KRTB&22918-584b7180-a046-4cd5-8ae1-87ccc771fabd&KRTB&23031-584b7180-a046-4cd5-8ae1-87ccc771fabd
.simpli.fi/ Name: suid
Value: A2E14E2036624C24BE16D1DBBBD8569C
.aniview.com/ Name: 1_C_24
Value: d719f6e3-4709-4897-81df-6dc1be3a6813
sync.aniview.com/ Name: 1_C_24
Value: d719f6e3-4709-4897-81df-6dc1be3a6813
.rubiconproject.com/ Name: khaos
Value: LEO0H573-K-DZ53
.rlcdn.com/ Name: pxrc
Value: CPKB958GEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-z4guka8daqi
.go.sonobi.com/ Name: __uin_bw
Value: d719f6e3-4709-4897-81df-6dc1be3a6813
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A9182664047325447741
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMRxxFPkG3zwMpRZd4AAAAAAA&KRTB&22713-AAAMRxxFPkG3zwMpRZd4AAAAAAA&KRTB&22715-AAAMRxxFPkG3zwMpRZd4AAAAAAA
.aniview.com/ Name: 1_C_49
Value: 4514567127434089773
sync.aniview.com/ Name: 1_C_49
Value: 4514567127434089773
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-&KRTB&19420-1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-&KRTB&22979-1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-&KRTB&23403-1LKRZIGxkTLP48RhhrPaYta1xGLPtMVk0rHx73m-
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-fWuDUWmLADmKn_K38sD9Yw
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A2E14E2036624C24BE16D1DBBBD8569C
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESECQpWwGK8we5swoDigJj2uo&KRTB&22987-CAESECQpWwGK8we5swoDigJj2uo&KRTB&23025-CAESECQpWwGK8we5swoDigJj2uo&KRTB&23386-CAESECQpWwGK8we5swoDigJj2uo
.pippio.com/ Name: did
Value: YsQoOeDnCsyJBt5j
.pippio.com/ Name: didts
Value: 1677574387
.pippio.com/ Name: nnls
Value:
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0MjA1NzE0MbUwMrWwMDU1NhHiM9T1rjSxTA0ICEkJi3QCAMDGeR4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZm5uam5ibGFuYmQIABxXXW8QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0MjA1NzE0MbUwMrWwMDU1NhHiM9T1rjSxTA0ICEkJi3QCAMDGeR4lAAAA
.dyntrk.com/ Name: dyn_u
Value: 07010001_63fdc0f363178
.turn.com/ Name: uid
Value: 8391144493252904027
pool.admedo.com/ Name: tuuid
Value: 5f42af90-601d-4f37-ba5c-e1fab58fd967
pool.admedo.com/ Name: c
Value: 1677574387
pool.admedo.com/ Name: tuuid_lu
Value: 1677574387
.go.sonobi.com/ Name: __uin_zt
Value: 1920574145825885534
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8319086899214976091&KRTB&23150-8319086899214976091
.adform.net/ Name: C
Value: 1
.pippio.com/ Name: pxrc
Value: CPOB958GEgQIAhAAEgYI7OsBEAA=
.adform.net/ Name: uid
Value: 401839913283438738
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2639514138855315857&KRTB&23263-2639514138855315857
.linksynergy.com/ Name: rmuid
Value: 18d3523a-39c1-41b5-9fa4-9f70142aa2a5
.linksynergy.com/ Name: icts
Value: 2023-02-28T08:53:08Z
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d719f6e3-4709-4897-81df-6dc1be3a6813
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004%22%7D
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ4xiQagDbn2LUyebV3a1stl2R2YUahJG/AYYUJzRShn9KjhRqagtQ84NzI3Q70GGqGZf3kIy4pojg/KxMNcBf9
.semasio.net/ Name: SEUNCY
Value: 3AC8244DD1FC62B
.smartadserver.com/ Name: csync
Value: 69:07010001_63fdc0f363178|113:RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004|139:0
.rlcdn.com/ Name: rlas3
Value: H2cGL+5a7/fsx/QMaD+7YZhsud5fnnYiEbhqXOSxhxA=
.aniview.com/ Name: 1_C_5
Value: LEO0H573-K-DZ53
sync.aniview.com/ Name: 1_C_5
Value: LEO0H573-K-DZ53
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1678147200%3A248_164%7C1678752000%3A201_197_226_245
.pubmatic.com/ Name: pi
Value: 160993:4
.pubmatic.com/ Name: SyncRTB3
Value: 1678147200%3A223_2_15%7C1678752000%3A22_247_96_54_107_254_214_179_71_13_56_5_3_176_234_8_21_204_220_99_238_233_7_209_165%7C1678406400%3A63%7C1678838400%3A35
.ctnsnet.com/ Name: cid_446a0db3169e4d1193c4be5ad925d0ff
Value: 1
.ctnsnet.com/ Name: cid_36772c707e78438fa34f3aabd6fe7226
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004%22%2C%22nxtrdr%22%3Afalse%7D
.ctnsnet.com/ Name: cid_6c39f75766994c2cbb4cb5b3452797cc
Value: 1
.ctnsnet.com/ Name: cid_2cd58b283f3c41838605f8e6854adae5
Value: 1
.aniview.com/ Name: 1_C_1
Value: 28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
sync.aniview.com/ Name: 1_C_1
Value: 28A98338-4BBA-4ADB-97AD-F3E69BD0B73C
.gammaplatform.com/ Name: _aGeoIp
Value: ES|Toledo
.tribalfusion.com/ Name: ANON_ID
Value: a7nvJOwyEoipuMNpbZaFOY8kqnTRNfwS3HusGj03q3c8vZaYpCbHkBwT0JWNacXjIrQAksHfLjL3y8qpaio7UyHhKAwLgMZdawYg5LKfmGAvJWcJGXV7hZbo8ZcqK
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-2cd58b283f3c41838605f8e6854adae5&KRTB&23328-2cd58b283f3c41838605f8e6854adae5&KRTB&23427-2cd58b283f3c41838605f8e6854adae5&KRTB&23445-2cd58b283f3c41838605f8e6854adae5
.gammaplatform.com/ Name: _aUID
Value: 1o88ly04fojq
.adgrx.com/ Name: ADGRX_UID
Value: 533dcdb0-b745-11ed-8842-cf97ea757811
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCMCY_tLn3Mw7EAUSFwoIcHVibWF0aWMSCwjygN7c59zMOxAFEhgKCWJpZHN3aXRjaBILCKzureDn3Mw7EAUSFgoHcnViaWNvbhILCPj9n-fn3Mw7EAUSFAoFdGFwYWQSCwiMhcP859zMOxAFGAEgASgCMgsIjP3Fqf7czDsQBTgBWgV0YXBhZGAC
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: cd924c7c5099524e20cc28ad1e4144b8
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004&KRTB&17107-RX-cff0e259-afb4-4806-9f1a-df8852f381ea-004
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1424
.w55c.net/ Name: matchpubmatic
Value: 5
.tapad.com/ Name: TapAd_TS
Value: 1677574389233
.tapad.com/ Name: TapAd_DID
Value: 5bb540ba-bae3-4490-83db-c0160ab86cdb
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1o88ly04fojq&KRTB&23446-1o88ly04fojq
.w55c.net/ Name: wfivefivec
Value: 91bFP8dB1PwVJr5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-533dcdb0-b745-11ed-8842-cf97ea757811&KRTB&23275-533dcdb0-b745-11ed-8842-cf97ea757811
.pubmatic.com/ Name: PugT
Value: 1677574390
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:91bFP8dB1PwVJr5&KRTB&23457-uid:91bFP8dB1PwVJr5&KRTB&23421-uid:91bFP8dB1PwVJr5
.id5-sync.com/ Name: id5
Value: 7f863d69-5a14-708d-a54f-6d2f8e590908#1677574387870#2
.pubmatic.com/ Name: SPugT
Value: 1677574391

3 Console Messages

Source Level URL
Text
javascript error URL: https://www.file.io/k5O8/download/0hpSPhnEIKmH
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.file.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEOfKBmZ6ogx_zVX0P3KTbNM&google_cver=1&google_push=Aa02lx-jDi8czDAvydCbaZi574c_V0MXPEsWtunZKYGPUqGWPPntWA8rUjDRqPDzT0Va6wDfQ3aEkFTNtKhi_8FwA1IdUEjlCv9j
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.com.au
aid.send.microad.jp
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
app.cauly.co.kr
bh.contextweb.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cc.adingo.jp
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
content1.avplayer.com
contextual.media.net
core.iprom.net
cs.admanmedia.com
cs.media.net
csync.loopme.me
d1oykxszdrgjgl.cloudfront.net
dclk-match.dotomi.com
dis.criteo.com
dps.jp.cinarra.com
dsp.adkernel.com
dynalyst-sync.adtdp.com
eb2.3lift.com
edcedf71f1c28c57a2c13579f0c98422.safeframe.googlesyndication.com
eus.rubiconproject.com
feed.avplayer.com
file.io
fksnk.com
go1.aniview.com
gocm.c.appier.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hblg.media.net
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mc.yandex.ru
onetag-sys.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
player.avplayer.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.tribalfusion.com
s2s.aniview.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.rd.linksynergy.com
targeting.unrulymedia.com
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
track1.aniview.com
track1.avplayer.com
u.openx.net
uipapac.semasio.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
warp.media.net
web.ssp.yahoo.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
simage4.pubmatic.com
sync-tm.everesttech.net
103.229.10.192
103.229.206.240
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
104.18.25.173
104.254.148.251
104.254.151.69
104.26.8.169
107.178.254.65
119.9.108.180
13.107.42.14
13.215.220.77
13.215.75.8
13.250.192.86
13.250.207.233
13.33.88.30
133.186.161.88
138.199.46.68
139.99.49.250
141.95.98.64
142.251.10.132
142.251.10.154
145.40.73.4
145.40.73.5
145.40.88.5
15.197.193.217
150.136.26.45
162.19.138.120
169.197.150.7
172.104.45.159
172.217.194.103
172.217.194.156
172.217.194.157
172.253.118.100
172.253.118.155
172.67.36.131
172.67.69.19
174.137.133.49
175.41.222.83
18.136.225.91
18.138.18.111
18.140.118.83
18.141.61.240
18.155.70.99
18.179.72.97
18.205.57.11
182.161.73.136
182.161.73.146
184.51.136.24
184.51.240.199
184.51.240.213
185.84.60.21
185.86.138.16
195.5.165.20
198.8.71.130
202.233.84.1
204.79.197.200
209.191.163.208
220.150.223.50
23.106.127.53
23.106.69.72
23.108.103.8
23.211.140.123
23.41.65.80
23.55.56.245
23.75.85.227
3.214.171.223
34.102.253.54
34.107.148.139
34.111.113.62
34.192.34.224
34.197.10.85
34.95.69.49
34.98.67.3
35.186.193.173
35.190.60.146
35.213.12.39
35.214.223.115
35.230.38.116
35.244.159.8
35.244.193.51
35.71.178.8
37.157.3.30
42.99.140.216
50.116.239.135
50.57.31.206
52.193.212.189
52.206.131.34
52.220.229.2
52.43.45.49
52.46.151.131
52.51.38.237
52.74.162.2
52.77.152.198
52.87.37.104
54.146.146.97
54.147.104.157
54.150.124.224
54.178.92.55
54.179.251.78
54.254.189.210
67.199.150.82
67.199.150.86
67.220.226.234
69.16.175.10
69.173.158.64
72.34.250.75
72.34.250.78
74.125.24.132
74.125.24.154
74.125.24.155
74.125.68.154
74.214.196.131
8.43.72.98
80.77.87.161
87.250.251.119
89.207.22.140
96.17.188.24
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04afc90111de0665453b3f792bc1112feb5ee5bad24b9e206af915941da8c300
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
07f9fa6fcbfafd8f84bb49e24ce194a8e0d1b07d6c79b2c84768a3e3bc04cf13
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101777c6f6adc8a6bcef784029049af8b77d05431698e4aefcc91fb396857968
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
113ebea460e780d8163e27f41ec3dfe7a0e0266ad9802b6a4bbebd7046fb074f
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
12aaa250aa8bbb4ca5674438d0bb84ffd10c3ce1cc3fa102aa9126418b9033d3
13339c98360f911cb2ffc6697ce70077e73b8213d11e072631d03792354e4696
139b8a2ed51afa8e3ccc51360c7f06124aaae6fa467010dd7d2d468c45650025
13da6faaa8f77dd5c0578c09f27badc3db3c70439f7abd3e58cb9729d7fda155
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
221f132dd4539391affb63b72242b6a52b2c1ea5962529f3e15581e788eebd5c
2bbcd7df67e16e3cea4ea63092724a0fb5a9cb1591f4dcf15eb45334be8df9bf
2c1a4aec2edae0486c2611cad42d767c21ed34e76440688729a719829352ddb8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
313b70510efaff4da4361a9c49c12046274ef1d9949f6fa97add685f7e6e2343
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32593a95433be5f659a20d0b41ba5d8b870016a03cbd7dea8441dd844f1ccc69
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
416d2349f28515c7cb5870cbe2d68ca856da606d52015ab39612fc342ba29984
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
459793b7785aeed13fe7c7985c32fa2811205bdd22e1283536aecc40ebcc471d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48131a91acd22a3eb704e78dff1b31c7b6de5006b1871e3d5a196394410fcc12
4852bf17c2c7d1720a1f959c0f459a003d46807d0f50bb1ae21974fde3aa1f41
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4aa4bfe78145796fb71803e6f64f78c7878792e999e967c47ee7afcabe7553a6
4d009a4452039d36976c1fe64f297c02ac17eb820a320de6cd6c2c9f6ea3bf1f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea4aac0ea23d8a2f161d7a2cdb85b1273fcc7e76f405a55a1e4fc6eb8faac0d
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
4ff28b8b3e390ae39906cdfefdb8546c47e1d2d2a17ccda52b6d1f2a0e3e5988
507b637b1c4d256d43f0fa5114c1041d439a89e297853e91c95fbb2964bd6543
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
546e5b87fa2f69d793cc8892a620aada669ff515ea68579b8d0483cd3aea091b
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe
565fba6e6a6417af5fbd1da6277955d16e0f063a350e477d78cbdbb46dc3d03f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b292d46f0f5b8994adc2fa1e0034a46e7331ff1e525d5a9e9cef154910684f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
6b1f78766f76bfb9c7c7161eebe06b76c3f372d5bd8b8a39174c09470287282e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f59938b911631effe7d5b9fe53b57eb9fbd9ea9a5b955ffa562f5bc1e986d1c
6f5f87f94d55b0e001f3e238ef216f9082c3a27c163e85a34cb309d515f9bed9
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
75903ebd0e23e2661e98e831d3c20da38589835ef1443175d4b9335c92fa77e7
78fb6d6d560b30861e9903beae2f71a4a5f8011a4841fb0095f0ca67be52831a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7dfee276e666c549c181fc2d4309c69a4173a53e89412ffde148f041bca8f517
7f6bb4b03a78640219127af6919938631175b162fd6801a35cdfe0ace3e41d73
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
88d26425240bedcec10179d5fda0301b29fa0346b7792e7efe5bff55a16873b5
89e0cd9b5bf6b9054abfc063257e02657b90a8388c9a43f17b83ef77dbbbba6a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b170a0287ee94bc842446e3fcc27fea3016a083d8fc5fb48d6a645d14251921
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a987eec9fa260f4b33c4ec12eac25bb25876162a654942ed06605e77b3a1cec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7cec8ed1cb161f78d9b55fbd1bbb7fd538a55678da857e5f426a0bfd3032e8
9c888355c2877dafece800a73ee67c11e05ef90d384f015e82b175f07d629b0b
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9df4a08659471f578eae8fcc39660cd4e3a4cfc762b42a57d0f7427bc530de40
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884
9e673ccfd47b73c3d5ecb9642c709cf44f541216de14a3cfe0c5f3bef0112281
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a287464609ebcb8a58b57af1942b59833e8d39e0aa924570459be87b919de017
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
adb2e9e059ded06e4d90112e3e0e740d59b3f76c3663f35f95062dceb12f4e12
add129d75bcc0c975d5dfbfbd7504c73294e1b967bc16c3f102a11ff394853fb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0840a1f1ab455814832e0bef5ba160a49ae6678a07f98046114163dabe1c6b1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8aec94bcbb5cb4ce81212c5327961f99dc4573c32d09a7e7582e0797a605aaf
b9957be3b1f6dc693869394177647cef368fd9999cf4f9f22c0eb86307c8f63b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc567154ccb8ee5a485208118eb8aacf221240acefa17b1d492325fe206a416e
bf2dd31df32a13a0c122ce7ba2c6bf622b7d6e85b6bc17a8410ce5456d05bd48
bf9e552fd6c3799fc2eeaef25783cc960092a60ed52e108517c987fbb0e0b18f
c0b4a454a99cb286c9581ce9b437ee1dadfeff87bc7147c351fff0adce60c304
c18ec9b0ab550675bd8c55e5fdf1306cc21c053ae68843ff2c7772c010896f88
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb7038bb8255c509f069f615d0fda9413e51f6f937cf1017918e8efceecdb953
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d252b8e54d6e52d680b17d272077ea33356fc690acfcbe7af291229beb96dc6f
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d30d2c565bf5a7c183be7055573eb2fa29b73426b924f21018aef4f320eb7974
d69440f62c2f0fa5dab70a4e5201a78f51b4a2cdb7ea6ba62d56152bcc19150c
d6a3cc01a5f5b8317e560bb24554479345c0c799b3a95e006b9876a1a709d99b
d6e76b17161a60ecc1bd2b7381a8d0ab84d9a499e4593ecaa174d835c46993c6
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
db1ab08d6b6b6e24f2cd0e2dcec7dfffa34950c4f08b04c986949c1a9aa51fc3
dc0937cff5ac7c1c593ac85e6c8e92a7357c5abe88523c2c21bc9a2be91b69f1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df3a298ea519b874fa812d43a5251e9aeb67a495069a8f1cd6dce36761a0e886
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e0dae399853e65bb82a06ad77373286238a676171314ec762b50f13fb8796ce9
e19a30d7d8b2a0a2d1b061e0d63cf287ed9df54c77d521548783a0d21f37eb46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66a30680f5771e6e79fffcc5bd2f07335a6f9ad7246bbe384b9cbbd6bd4e5e6
e6e8ec71d10d374c39d76f731d2bd09be66cf94f5fa50ad6578e80b44b78ac1a
e703cc3f00ebdbe78e490c36b194b8e88905b7a82aaefcc2666c323dd511db0e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea08a18ec56cc85f8053f3fc5b8df2ee9b608c6f3e51213a8fb2d0447a853142
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
ed0c46b641529da7143ecf81c8b256ab3924cac80b23c18529aa8fb666afa709
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
edbbb2f59567559a89f217b32e46c1d45f462129a171d8046d86b3d1110f34a2
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b375062dc1e1ecf20d461403eec4b77528060e29e00c649b68a50f98f8668e
f314d6f82089e2213c9c6d82a0391409227d753d7be5d97a661e59f642a515a1
f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9
f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce
f84ccb0ee105f2d32746eea84d27c59d592bab0312e372f3727d03529c850e4a
fb8e5134431e53290e82ebacf3f3744bc7eaba86ce12756e6201bfacad6de233
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fe7a9a5a03e625713b480cd8b3da9c736d3b1759da836f73eae482dda0966973