ufile.io Open in urlscan Pro
2606:4700:20::681a:20b Public Scan

URL:
https://ufile.io/mdgyb93l
Submission: On August 07 via manual (August 7th 2020, 2:42:53 pm UTC) from JP

Summary HTTP 165 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 9 countries across 23 domains to perform 165 HTTP transactions. The main IP is 2606:4700:20::681a:20b, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufile.io.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 30th 2020. Valid for: 8 months.

This is the only time ufile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:20:... 2606:4700:20::681a:20b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	3.17.116.255 3.17.116.255	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681b:2774	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2.21.36.164 2.21.36.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:4700:10:... 2606:4700:10::6816:3ed1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
1	92.122.255.233 92.122.255.233	16625 (AKAMAI-AS) (AKAMAI-AS)
14	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
11	146.20.128.94 146.20.128.94	27357 (RACKSPACE) (RACKSPACE)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
24 27	18.185.216.221 18.185.216.221	16509 (AMAZON-02) (AMAZON-02)
14 14	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
14 14	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
14	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
11	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
12	92.122.252.114 92.122.252.114	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	35.153.121.69 35.153.121.69	14618 (AMAZON-AES) (AMAZON-AES)
2	2.21.37.33 2.21.37.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	35.158.16.127 35.158.16.127	16509 (AMAZON-02) (AMAZON-02)
1	195.181.167.18 195.181.167.18	60068 (CDN77) (CDN77)
165	26

21 2606:4700:20::681a:20b (United States)

ASN13335 (CLOUDFLARENET, US)

ufile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.17.116.255 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-116-255.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681b:2774 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.uploadfiles.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.36.164 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-36-164.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:3ed1 (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
settings.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.255.233 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-255-233.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 146.20.128.94 (San Antonio, United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 18.185.216.221 (Frankfurt am Main, Germany) 24 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-216-221.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1288:110:c305::8000 (United Kingdom) 14 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.126.63.176 (Frankfurt am Main, Germany) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.156.0.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 92.122.252.114 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-114.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.153.121.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-121-69.compute-1.amazonaws.com

vid-io-iad.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.37.33 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-33.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.158.16.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.167.18 (Madrid, Spain)

ASN60068 (CDN77, GB)
PTR: madrid-11.cdn77.com

vastserverad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	advertising.com 38 redirects ads.adaptv.advertising.com pixel.advertising.com	25 KB
38	yahoo.com 14 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads-eu.v.ssp.yahoo.com	35 KB
25	lkqd.net ad.lkqd.net v.lkqd.net t.lkqd.net Failed	405 KB
21	ufile.io ufile.io	372 KB
16	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com vid.pubmatic.com aktrack.pubmatic.com	150 KB
11	spotxchange.com search.spotxchange.com	13 KB
9	crisp.chat client.crisp.chat settings.crisp.chat image.crisp.chat	251 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	141 KB
6	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	191 KB
5	springserve.com vpaid.springserve.com vid-io-iad.springserve.com	288 KB
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	421 B
2	facebook.com graph.facebook.com	844 B
2	google-analytics.com 1 redirects www.google-analytics.com	19 KB
1	vastserverad.com vastserverad.com	633 B
1	addthisedge.com v1.addthisedge.com	987 B
1	moatads.com z.moatads.com	1 KB
1	googletagservices.com www.googletagservices.com	26 KB
1	uploadfiles.io analytics.uploadfiles.io	923 B
1	google.com adservice.google.com	829 B
1	google.de adservice.google.de	829 B
1	vidoomy.com ads.vidoomy.com	3 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
165	23

	Domain	Requested by
27	ads.adaptv.advertising.com	24 redirects vpaid.springserve.com
21	ufile.io	ufile.io ajax.cloudflare.com
14	ups.analytics.yahoo.com
14	pixel.advertising.com	14 redirects
14	pr-bh.ybp.yahoo.com	14 redirects
14	ad.lkqd.net	ufile.io ad.lkqd.net
11	search.spotxchange.com	ad.lkqd.net vpaid.springserve.com
11	v.lkqd.net	ad.lkqd.net
10	ads-eu.v.ssp.yahoo.com
6	ads.pubmatic.com	vpaid.pubmatic.com
6	vpaid.pubmatic.com	vpaid.springserve.com blank
6	client.crisp.chat	ufile.io client.crisp.chat
5	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	vpaid.springserve.com	ad.lkqd.net
3	s7.addthis.com	ufile.io s7.addthis.com
2	aktrack.pubmatic.com
2	vid-io-iad.springserve.com	vpaid.springserve.com
2	vid.pubmatic.com	vpaid.pubmatic.com
2	api-public.addthis.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	settings.crisp.chat	client.crisp.chat
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	1 redirects ufile.io
1	vastserverad.com	vpaid.springserve.com
1	image.crisp.chat
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net
1	analytics.uploadfiles.io	ajax.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	ads.vidoomy.com	ajax.cloudflare.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	ajax.cloudflare.com	ufile.io
0	t.lkqd.net Failed	ad.lkqd.net
165	38

This site contains links to these domains. Also see Links.

Domain
www.trustpilot.com
help.uploadfiles.io
status.uploadfiles.io
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.vidoomy.com Don Dominio / MrDomain RSA DV CA	`2019-10-04` - `2020-11-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.lkqd.net Let's Encrypt Authority X3	`2020-06-26` - `2020-09-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
*.springserve.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-09-03`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-07-29` - `2021-01-25`	6 months	crt.sh
www.vastserverad.com Don Dominio / MrDomain RSA DV CA	`2020-05-24` - `2021-06-23`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://ufile.io/mdgyb93l
Frame ID: 607D4C82983A6C3616601AFAC99A99E1
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200805/r20190131/zrt_lookup.html
Frame ID: 64DCD4F63635CD746730F3390662A4D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5877609709988775&output=html&h=200&slotname=8585601956&adk=4127729644&adf=2617130762&w=1110&fwrn=4&fwrnh=100&lmt=1596811356&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x200&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&flash=0&fwr=0&fwrattr=true&rh=200&rw=1110&sfro=1&wgl=1&adsid=NT&dt=1596811356769&bpp=17&bdt=239&idt=117&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6339062193623&frm=20&pv=2&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=10650620&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HOIQKiv5wd&p=https%3A//ufile.io&dtd=138
Frame ID: 72135DB472A87FAF23D46AFF580C9B0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5877609709988775&output=html&h=200&slotname=8585601956&adk=4127729644&adf=2668871&w=1110&fwrn=4&fwrnh=100&lmt=1596811356&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x200&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&flash=0&fwr=0&fwrattr=true&rh=200&rw=1110&sfro=1&wgl=1&adsid=NT&dt=1596811356786&bpp=3&bdt=256&idt=138&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x200&correlator=6339062193623&frm=20&pv=1&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=579470332&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4R7u5b9FYk&p=https%3A//ufile.io&dtd=142
Frame ID: 78473A4B031856EFC7F080CF7EF6150E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5877609709988775&output=html&adk=1812271804&adf=3025194257&lmt=1596811356&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596811356792&bpp=1&bdt=262&idt=140&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x200%2C1110x200&nras=1&correlator=6339062193623&frm=20&pv=1&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=579470332&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=146
Frame ID: 193B35821E7BC1933D7017E222911142
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F247158A83006ADB05CE5511870E0946
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CFD505937FA6E4DB5FCF3875BD9B28E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 629BD3EF4463364B6DBB952E3612D0FC
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: ADE8436E282AEA6158D7E37E25F6FC3A
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 6CE0924059083EBB218521021E270B24
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: AAE2D404D45A5D49D8FC773AD2A94ABE
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7849C50B34825956FAFA0658AA73112E
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 05082F6B3203D2E90D4EDAD12194CCD4
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 4C19FC3B1A85FDEEBDEC1EF1EDD59279
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A8A8B4E2CADB0C136DB2AB3DAC0B7529
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 4A34CF884A8CC9E686E681F588958470
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 77920FD3544F2A79E34590A3B2ACCFA1
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_61a91407.js
Frame ID: 15F481087AF947F15FC179A33BE06266
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,
Frame ID: 1BB621846B44A66042D4457CCE79EC94
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A768244A628B91C32782FC9359B5CA01
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1FDBC043505ECA250B03767449EAADC9
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A7BB9B91CEA80069D9D938C402FF82F2
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5F7BDF6E25F02E511F6FB20B0B792664
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_61a91407.js
Frame ID: 712EEF72B3F7266C85280A1837A04A1B
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,
Frame ID: E7BC739F805C1C403317F6A4F2088C21
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: ACF30A227BD253885D5788BEC6080DAC
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: DE6FB9586145BDB8BBD6C003A537B8D0
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A71784709F36645431C0D9B674216B65
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 943C053F73E517AB5A83DA2E70128872
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A0BE42C561CD9346F04976B950471997
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2638B742EF9B9C94B44BB4DB6D49581C
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C38412D05119CD2285682BDDC4B308D2
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 53766193026348B498605E5D7B1D3327
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3D5BCAC343B371E4FCA0882BC51C1B2B
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 8167789E84682A6FE452AE1C0DDA2190
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_61a91407.js
Frame ID: 14B1C3FF0D5789D73D0CCCA164C845DF
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,
Frame ID: E11994F7BFD2E1F777EE173480422AC2
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A18E45C217AA68046AA39C49B4A36DC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

165
Requests

88 %
HTTPS

44 %
IPv6

23
Domains

38
Subdomains

26
IPs

9
Countries

1932 kB
Transfer

6625 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trustpilot.com/review/uploadfiles.io
Title: Rated Excellent

Search URL Search Domain Scan URL

URL: https://help.uploadfiles.io/
Title: Help

Search URL Search Domain Scan URL

URL: http://status.uploadfiles.io/
Title: Status

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=481006893&t=pageview&_s=1&dl=https%3A%2F%2Fufile.io%2Fmdgyb93l&ul=en-us&de=UTF-8&dt=Upload%20files%20for%20free%20-%20O365%20Killer.zip%20-%20Uploadfiles.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=165821616&gjid=1153358243&cid=1086732393.1596811357&tid=UA-73416834-1&_gid=1252285061.1596811357&_r=1&z=1049423584 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73416834-1&cid=1086732393.1596811357&jid=165821616&_gid=1252285061.1596811357&gjid=1153358243&_v=j83&z=1049423584

Request Chain 72

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=660542049&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3d2f5700-d8bc-11ea-b56c-0661486b023f?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-V722Qkh1lxlSDMgPy.uoKbg7.cIVWseJmUbX&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V722Qkh1lxlSDMgPy.uoKbg7.cIVWseJmUbX&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Request Chain 75

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=127916989&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3c98426c-d8bc-11ea-b4e8-02474a157ceb?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-pU4DyOR1lxkf.sUad43_gtpTbH89DgaKdp3l&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-pU4DyOR1lxkf.sUad43_gtpTbH89DgaKdp3l&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Request Chain 76

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=937753659&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3cb828f0-d8bc-11ea-84ce-0635e211e6be?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-V4Tkw6t1lxk7Ao_Bz60UCmGB9s2i7dvlyQy.&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V4Tkw6t1lxk7Ao_Bz60UCmGB9s2i7dvlyQy.&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Request Chain 77

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1616642285&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3d324f29-d8bc-11ea-9ff1-023b13579d02?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-diby._51lxkqJ.t04azjHT5IuOBuHvGaGCpI&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-diby._51lxkqJ.t04azjHT5IuOBuHvGaGCpI&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Request Chain 78

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1616390324&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3c95cff5-d8bc-11ea-97c1-06fc49b55f21?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-t6aV7i91lxkzSDSXdLSeBnYtEYNup1vlC1IB&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-t6aV7i91lxkzSDSXdLSeBnYtEYNup1vlC1IB&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Request Chain 105

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=135250070&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=135250070&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=40861de6-b9ae-4931-8c81-f31afbd88883&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ1OS45ODQ2MTk6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD00MDg2MWRlNi1iOWFlLTQ5MzEtOGM4MS1mMzFhZmJkODg4ODM=

Request Chain 108

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1844042417&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1844042417&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=72554c89-7fc0-4a12-8c90-50446eb49681&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ3MS42NjY1MDQ6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD03MjU1NGM4OS03ZmMwLTRhMTItOGM5MC01MDQ0NmViNDk2ODE=

Request Chain 109

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1060528862&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1060528862&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=c1a12868-1de2-4eff-be04-e8e7522c6375&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2OS44ODA2MTU6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD1jMWExMjg2OC0xZGUyLTRlZmYtYmUwNC1lOGU3NTIyYzYzNzU=

Request Chain 110

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=153341756&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=153341756&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=3550b948-801f-49f5-bd00-8c777ff52360&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2Ni45NzExOTE6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD0zNTUwYjk0OC04MDFmLTQ5ZjUtYmQwMC04Yzc3N2ZmNTIzNjA=

Request Chain 111

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=86908302&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=86908302&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=b8486dff-812a-4420-a8cc-b2229c9b45d3&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2OC4zNjk4NzM6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD1iODQ4NmRmZi04MTJhLTQ0MjAtYThjYy1iMjIyOWM5YjQ1ZDM=

Request Chain 131

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1903138480&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3f92e222-d8bc-11ea-81d6-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92e222-d8bc-11ea-81d6-068489b665ff

Request Chain 134

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1175126825&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3f92614f-d8bc-11ea-81d6-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92614f-d8bc-11ea-81d6-068489b665ff

Request Chain 135

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=806081936&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA404fb4f4-d8bc-11ea-8bfa-069c67851ab4?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

Request Chain 136

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=204366054&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA402dec22-d8bc-11ea-8dd2-06a022ec0fcb?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

Request Chain 137

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1058654056&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA403dce95-d8bc-11ea-97c2-06fc49b55f21?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

Request Chain 145

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=369116379&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=369116379&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=b71e4873-a843-4a63-9c25-0dc5bbfbecb1&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4Ny41ODM5ODQ6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1iNzFlNDg3My1hODQzLTRhNjMtOWMyNS0wZGM1YmJmYmVjYjE=

Request Chain 148

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=260045711&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=260045711&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=da5f3928-4ce9-493b-b9a3-ae6535926bfa&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4OS4yMjIxNjg6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1kYTVmMzkyOC00Y2U5LTQ5M2ItYjlhMy1hZTY1MzU5MjZiZmE=

Request Chain 149

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1207111882&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1207111882&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=c382dbca-47b9-40c5-adb8-0aa654d932d8&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI5MC4yNDEyMTE6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1jMzgyZGJjYS00N2I5LTQwYzUtYWRiOC0wYWE2NTRkOTMyZDg=

Request Chain 150

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=11411992&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=11411992&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=7a5e607d-b897-47e7-9af4-a5594af8099d&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4Ni45NTgyNTI6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD03YTVlNjA3ZC1iODk3LTQ3ZTctOWFmNC1hNTU5NGFmODA5OWQ=

Request Chain 151

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=272572805&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=272572805&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=99f8b60d-e0b2-4d3c-a396-4fdfe30073ba&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI5Ni4xMjUyNDQ6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD05OWY4YjYwZC1lMGIyLTRkM2MtYTM5Ni00ZmRmZTMwMDczYmE=

Request Chain 159

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1843132716&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA429369f8-d8bc-11ea-92b6-026cfb548a2e?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

Request Chain 161

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1543011586&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA42910f79-d8bc-11ea-a1eb-06fca2a61b2f?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA42910f79-d8bc-11ea-a1eb-06fca2a61b2f

Request Chain 162

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=129226824&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA42925e14-d8bc-11ea-b568-022ae074647e?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

Request Chain 163

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=293591141&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA428c8db9-d8bc-11ea-a320-068ca93f1b73?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

165 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mdgyb93l Show response
ufile.io/ 69 KB
15 KB 301ms
251ms Document
text/html 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a70ce439c31161f186cfc2be97b5201d8b8528b64018c301dd7d5c3d8f0985

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ufile.io
:scheme: https
:path: /mdgyb93l
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 14:42:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d695fd7d89e823abafe6b495d1bbd5e1f1596811356; expires=Sun, 06-Sep-20 14:42:36 GMT; path=/; domain=.ufile.io; HttpOnly; SameSite=Lax; Secure AWSALB=u2k/W8h1gQ62luBkRACk+yq0fMf8BrvDbGKbOy0hE7/k29qTP40GIx3kose5x4jXnrD8xxA90tN8pQkB1RAUIAwZrOXu/3SED0MvqyUVV4MkHCzIm3ymQg9gSGPt; Expires=Fri, 14 Aug 2020 14:42:36 GMT; Path=/ AWSALBCORS=u2k/W8h1gQ62luBkRACk+yq0fMf8BrvDbGKbOy0hE7/k29qTP40GIx3kose5x4jXnrD8xxA90tN8pQkB1RAUIAwZrOXu/3SED0MvqyUVV4MkHCzIm3ymQg9gSGPt; Expires=Fri, 14 Aug 2020 14:42:36 GMT; Path=/; SameSite=None; Secure csrf_cookie_name=16c9b2c11bc03f33b4ee2596a9115fe7; expires=Fri, 07-Aug-2020 20:42:36 GMT; Max-Age=21600; path=/; domain=ufile.io ci_sessions=otem1lkkp9rro2qnn5ms9q02kk6a5lvj; expires=Sat, 08-Aug-2020 14:42:36 GMT; Max-Age=86400; path=/; domain=ufile.io; HttpOnly __cflb=02DiuHS3BYYUk7Vk5kbS5opKLteVFvC6qK47B33XC6M3A; SameSite=None; Secure; path=/; expires=Sat, 08-Aug-20 13:42:36 GMT; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 046af8c0750000dfd722033200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bf1c3e0bf40dfd7-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 roboto-v20-latin-100.woff2
ufile.io/assets/fonts/ 15 KB
16 KB 32ms
26ms Font
application/octet-stream 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/roboto-v20-latin-100.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069878
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15808
cf-request-id: 046af8c17d0000dfd722045200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5bf1c3e26b83dfd7-FRA
expires: Thu, 13 Aug 2020 15:44:37 GMT

GET
H2 200 open-sans-v17-latin-300.woff2
ufile.io/assets/fonts/ 15 KB
15 KB 30ms
24ms Font
application/octet-stream 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/open-sans-v17-latin-300.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069799
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14932
cf-request-id: 046af8c17d0000dfd722047200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5bf1c3e26b86dfd7-FRA
expires: Thu, 13 Aug 2020 15:45:57 GMT

GET
H2 200 fa-regular-400.woff2
ufile.io/assets/fonts/ 13 KB
13 KB 32ms
26ms Font
application/octet-stream 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/fa-regular-400.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069799
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13580
cf-request-id: 046af8c17d0000dfd722048200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5bf1c3e26b89dfd7-FRA
expires: Thu, 13 Aug 2020 15:45:57 GMT

GET
H2 200 fa-solid-900.woff2
ufile.io/assets/fonts/ 74 KB
74 KB 30ms
24ms Font
application/octet-stream 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/fa-solid-900.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069878
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
cf-request-id: 046af8c17d0000dfd722049200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5bf1c3e26b8bdfd7-FRA
expires: Thu, 13 Aug 2020 15:44:37 GMT

GET
H2 200 fa-brands-400.woff2
ufile.io/assets/fonts/ 73 KB
73 KB 24ms
18ms Font
application/octet-stream 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/fa-brands-400.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069799
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74508
cf-request-id: 046af8c17d0000dfd72204a200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5bf1c3e26b8ddfd7-FRA
expires: Thu, 13 Aug 2020 15:45:57 GMT

GET
H2 200 bootstrap.css
ufile.io/assets/css/ 31 KB
5 KB 36ms
31ms Stylesheet
text/css 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/css/bootstrap.css?v=1563114401

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1579651
cf-polished: origSize=41042
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c17d0000dfd722043200000001
last-modified: Mon, 20 Jul 2020 07:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=15552000
cf-ray: 5bf1c3e26b7cdfd7-FRA
expires: Sat, 16 Jan 2021 07:55:05 GMT

GET
H2 200 theme.css
ufile.io/assets/css/ 85 KB
16 KB 29ms
25ms Stylesheet
text/css 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/css/theme.css?v=1563114401

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8a803442173e717352a0a46e31dbe71183a1649f4d94c40caa6909ad601b56

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1579651
cf-polished: origSize=113197
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c17d0000dfd722044200000001
last-modified: Mon, 20 Jul 2020 07:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=15552000
cf-ray: 5bf1c3e26b7edfd7-FRA
expires: Sat, 16 Jan 2021 07:55:05 GMT

GET
H2 200 utils.css
ufile.io/assets/css/ 60 KB
13 KB 30ms
26ms Stylesheet
text/css 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/css/utils.css?v=1563114401

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5cde516e14ddc09ee01b50a6a7a8dc71baa58b84f07048f7305ed6b15bb9c1a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1579651
cf-polished: origSize=76366
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c17d0000dfd722046200000001
last-modified: Mon, 20 Jul 2020 07:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=15552000
cf-ray: 5bf1c3e26b85dfd7-FRA
expires: Sat, 16 Jan 2021 07:55:05 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 28ms
10ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 05 Aug 2020 10:00:12 GMT
server: cloudflare
etag: W/"5f2a832c-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5bf1c3e278921766-FRA
cf-request-id: 046af8c18c0000176604198200000001
expires: Sun, 09 Aug 2020 14:42:36 GMT

GET
H2 200 trust-pilot.svg
ufile.io/assets/img/ 7 KB
3 KB 20ms
19ms Image
image/svg+xml 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/trust-pilot.svg

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beaef9b022c10624a25f016a19bb35f641b792e7733e29bd24aec8f7623f8852

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069798
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c1a20000dfd72204b200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 5bf1c3e29c2bdfd7-FRA
expires: Wed, 14 Jul 2021 15:45:57 GMT

GET
H2 200 logo.png
ufile.io/assets/img/ 4 KB
4 KB 31ms
31ms Image
image/webp 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/logo.png

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee54d2ed3783715fc679fefcae7a339c21cf4797f30f35fb73a9e15ae919724

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
cf-cache-status: HIT
age: 759359
cf-polished: origFmt=png, origSize=12016
status: 200
content-disposition: inline; filename="logo.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4114
cf-request-id: 046af8c1a20000dfd72204c200000001
last-modified: Wed, 29 Jul 2020 08:02:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Mon, 25 Jan 2021 19:46:37 GMT
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 5bf1c3e29c2fdfd7-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 spacer.png
ufile.io/assets/img/ 34 B
343 B 19ms
19ms Image
image/webp 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/spacer.png

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
cf-cache-status: HIT
age: 762340
cf-polished: origFmt=png, origSize=152
status: 200
content-disposition: inline; filename="spacer.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-request-id: 046af8c1a20000dfd72204d200000001
last-modified: Wed, 29 Jul 2020 08:02:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Mon, 25 Jan 2021 18:56:56 GMT
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 5bf1c3e29c32dfd7-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 7.jpeg
ufile.io/assets/img/backgrounds/ 53 KB
53 KB 30ms
29ms Image
image/jpeg 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/backgrounds/7.jpeg

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3abe513abec2faca1f25159dfbea4ee92f8907c2f9397da3046336065fd661e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 52724
cf-polished: origSize=54374, status=webp_bigger
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53840
cf-request-id: 046af8c1b00000dfd722051200000001
last-modified: Fri, 31 Jul 2020 16:41:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Wed, 03 Feb 2021 00:03:52 GMT
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 5bf1c3e2bc76dfd7-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 open-sans-v17-latin-regular.woff2
ufile.io/assets/fonts/ 14 KB
14 KB 19ms
19ms Font
application/octet-stream 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/open-sans-v17-latin-regular.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069878
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14380
cf-request-id: 046af8c1b10000dfd722053200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5bf1c3e2bc7edfd7-FRA
expires: Thu, 13 Aug 2020 15:44:37 GMT

GET
H2 200 logo-dark.svg
ufile.io/assets/img/ 3 KB
1 KB 45ms
43ms Image
image/svg+xml 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/logo-dark.svg

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f95f6f7087901697190ec95d0497dfff00cd7ab4c0d048d414e4b0e40a89c951

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069798
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2130000dfd72205d200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 5bf1c3e35e25dfd7-FRA
expires: Wed, 14 Jul 2021 15:45:57 GMT

GET
H2 200 download.js Show response
ufile.io/assets/js/ 4 KB
1 KB 31ms
27ms Script
text/javascript 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/download.js?v=1563114401

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5882032298738f7fe2a012b31813698803500fcef0cb0de7f0e3e8ae8673a5c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1579572
cf-polished: origSize=8915
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2220000dfd72205e200000001
last-modified: Mon, 20 Jul 2020 07:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2678400
cf-ray: 5bf1c3e36e5bdfd7-FRA
expires: Wed, 19 Aug 2020 07:56:24 GMT

GET
H2 200 custom.js Show response
ufile.io/assets/js/ 4 KB
1 KB 22ms
20ms Script
text/javascript 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/custom.js?v=1563114401

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f9c8880a46cadb6e7cf67dce6bbe63c9f1e179c4184bb348e1ebf7a0de963f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1579651
cf-polished: origSize=7632
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2220000dfd72205f200000001
last-modified: Mon, 20 Jul 2020 07:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2678400
cf-ray: 5bf1c3e36e5ddfd7-FRA
expires: Wed, 19 Aug 2020 07:55:05 GMT

GET
H2 200 scripts.js Show response
ufile.io/assets/js/ 17 KB
4 KB 25ms
23ms Script
text/javascript 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/scripts.js?v=1563114401

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ae537941145d2e34b92bfaeb3af7453eca1f40512e365a37e35f164b99ba20f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1579651
cf-polished: origSize=27724
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2220000dfd722060200000001
last-modified: Mon, 20 Jul 2020 07:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2678400
cf-ray: 5bf1c3e36e60dfd7-FRA
expires: Wed, 19 Aug 2020 07:55:05 GMT

GET
H2 200 utils.js Show response
ufile.io/assets/js/ 33 KB
11 KB 20ms
19ms Script
text/javascript 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/utils.js?v=1563114401

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1579651
cf-polished: origSize=47601
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2220000dfd722061200000001
last-modified: Mon, 20 Jul 2020 07:53:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2678400
cf-ray: 5bf1c3e36e61dfd7-FRA
expires: Wed, 19 Aug 2020 07:55:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 20:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1361744
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jul 2021 20:26:52 GMT

GET
H/1.1 200
OK uploadfiles_13077.js Show response
ads.vidoomy.com/ 3 KB
3 KB 372ms
120ms Script
application/javascript 3.17.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/uploadfiles_13077.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.17.116.255 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-116-255.us-east-2.compute.amazonaws.com
Software: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 084e8a9d6bb93acc321931dc67b1683d21b31eebc7f8f7ad1924949bb59e4a02

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:37 GMT
Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 3086

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 123 KB
44 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78c2aa8c9ca6e79b1fd9d827778a21d05331a9fb568d251dd2984b3e349d6f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44402
x-xss-protection: 0
server: cafe
etag: 3724212296373838099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Aug 2020 14:42:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 40ms
27ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ufile.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 27ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ufile.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/ 223 KB
84 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c483b07112a63520c42ab64a30374679fbb23f841771bf1b15db5518526da5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85672
x-xss-protection: 0
server: cafe
etag: 12756933714787842258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Aug 2020 14:42:36 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200805/r20190131/ Frame 64DC 0
0 9ms
6ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200805/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200805/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ufile.io/mdgyb93l
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 06 Aug 2020 08:27:20 GMT
expires: Thu, 20 Aug 2020 08:27:20 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 108916
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 535
date: Fri, 07 Aug 2020 14:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 07 Aug 2020 16:33:41 GMT

POST
H2 200 / Show response
analytics.uploadfiles.io/ajax/analytics/ 0
923 B 311ms
219ms XHR
text/html 2606:4700:20::681b:2774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.uploadfiles.io/ajax/analytics/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681b:2774 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5bf1c3e48a10dfcb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2d80000dfcbbf398200000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 102ms
38ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
x-akamai-pragma-client-ip: 23.220.148.109, 4.79.170.54
etag: W/"5ed917ff-5834c"
x-serial: 3615
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
x-check-cacheable: YES
date: Fri, 07 Aug 2020 14:42:36 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H2 200 l.js Show response
client.crisp.chat/ 12 KB
4 KB 60ms
27ms Script
application/javascript 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: ufile.io
URL: https://ufile.io/mdgyb93l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae04bccb3edef584ed6b26b962e0e8d21c22fe4aa5e7acaaea1fb68a2e0c4852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6598
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c29e0000c2e58183f200000001
last-modified: Thu, 06 Aug 2020 14:28:34 GMT
server: cloudflare
etag: W/"5f2c1392-2e27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=86400
access-control-allow-credentials: false
cf-ray: 5bf1c3e438adc2e5-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 08 Aug 2020 12:52:38 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=481006893&t=pageview&_s=1&dl=https%3A%2F%2Fufile.io%2Fmdgyb93l&ul=en-us&de=UTF-8&dt=Upload%20files%20for%20free%20-%20O365%20Killer.zip%20-%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73416834-1&cid=1086732393.1596811357&jid=165821616&_gid=1252285061.1596811357&gjid=1153358243&_v=j83&z=1049423584

35 B
421 B

46ms
14ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73416834-1&cid=1086732393.1596811357&jid=165821616&_gid=1252285061.1596811357&gjid=1153358243&_v=j83&z=1049423584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 07 Aug 2020 14:42:36 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Aug 2020 14:42:36 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73416834-1&cid=1086732393.1596811357&jid=165821616&_gid=1252285061.1596811357&gjid=1153358243&_v=j83&z=1049423584
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7213 0
0 67ms
67ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5877609709988775&output=html&h=200&slotname=8585601956&adk=4127729644&adf=2617130762&w=1110&fwrn=4&fwrnh=100&lmt=1596811356&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x200&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&flash=0&fwr=0&fwrattr=true&rh=200&rw=1110&sfro=1&wgl=1&adsid=NT&dt=1596811356769&bpp=17&bdt=239&idt=117&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6339062193623&frm=20&pv=2&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=10650620&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HOIQKiv5wd&p=https%3A//ufile.io&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5877609709988775&output=html&h=200&slotname=8585601956&adk=4127729644&adf=2617130762&w=1110&fwrn=4&fwrnh=100&lmt=1596811356&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x200&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&flash=0&fwr=0&fwrattr=true&rh=200&rw=1110&sfro=1&wgl=1&adsid=NT&dt=1596811356769&bpp=17&bdt=239&idt=117&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6339062193623&frm=20&pv=2&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=10650620&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HOIQKiv5wd&p=https%3A//ufile.io&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ufile.io/mdgyb93l
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 Aug 2020 14:42:36 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Aug-2020 14:57:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Aug 2020 14:42:36 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 30ms
17ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200805&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ae57b0141f0c12bf8b58974b4defad82a7c3c5f116f57753c69f1a54d93f378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6220
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 70 KB
26 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26707b5321012a13ff9b5527dadb1f99f5f14dd6553583380b43f37c5a906d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596628412095837"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 26959
x-xss-protection: 0
expires: Fri, 07 Aug 2020 14:42:36 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 551 KB
103 KB 41ms
39ms Script
application/javascript 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?98cb4fa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7dbc4ac9afa4a8af498bb4de9466a76594213f30f18445e371f124b73d0db81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6598
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2fd0000c2e581844200000001
last-modified: Thu, 06 Aug 2020 14:28:34 GMT
server: cloudflare
etag: W/"5f2c1392-89bbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 5bf1c3e4c9c7c2e5-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 514 KB
49 KB 29ms
28ms Stylesheet
text/css 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?98cb4fa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0a7014b24badc2db61d6678a7e4ef9420ee5f87b6543da7b14b3b500c4d32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6598
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c2fd0000c2e581843200000001
last-modified: Thu, 06 Aug 2020 14:28:34 GMT
server: cloudflare
etag: W/"5f2c1392-806db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 5bf1c3e4c9c5c2e5-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7847 0
0 347ms
347ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5877609709988775&output=html&h=200&slotname=8585601956&adk=4127729644&adf=2668871&w=1110&fwrn=4&fwrnh=100&lmt=1596811356&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x200&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&flash=0&fwr=0&fwrattr=true&rh=200&rw=1110&sfro=1&wgl=1&adsid=NT&dt=1596811356786&bpp=3&bdt=256&idt=138&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x200&correlator=6339062193623&frm=20&pv=1&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=579470332&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4R7u5b9FYk&p=https%3A//ufile.io&dtd=142

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5877609709988775&output=html&h=200&slotname=8585601956&adk=4127729644&adf=2668871&w=1110&fwrn=4&fwrnh=100&lmt=1596811356&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x200&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&flash=0&fwr=0&fwrattr=true&rh=200&rw=1110&sfro=1&wgl=1&adsid=NT&dt=1596811356786&bpp=3&bdt=256&idt=138&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x200&correlator=6339062193623&frm=20&pv=1&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=579470332&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4R7u5b9FYk&p=https%3A//ufile.io&dtd=142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ufile.io/mdgyb93l
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 Aug 2020 14:42:37 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Aug-2020 14:57:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Aug 2020 14:42:37 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 193B 0
0 42ms
41ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5877609709988775&output=html&adk=1812271804&adf=3025194257&lmt=1596811356&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596811356792&bpp=1&bdt=262&idt=140&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x200%2C1110x200&nras=1&correlator=6339062193623&frm=20&pv=1&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=579470332&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5877609709988775&output=html&adk=1812271804&adf=3025194257&lmt=1596811356&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596811356792&bpp=1&bdt=262&idt=140&shv=r20200805&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x200%2C1110x200&nras=1&correlator=6339062193623&frm=20&pv=1&ga_vid=1086732393.1596811357&ga_sid=1596811357&ga_hid=481006893&ga_fc=0&iag=0&icsg=579470332&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066125&oid=3&pvsid=2585496254619055&pem=738&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ufile.io/mdgyb93l
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 Aug 2020 14:42:36 GMT
server: cafe
content-length: 1299
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Aug-2020 14:57:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Aug 2020 14:42:36 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200805/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 07 Aug 2020 14:42:36 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 66ms
13ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 61EC92F13BB22DD4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=16775
accept-ranges: bytes
content-length: 948
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F247 0
0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-56b61b1b0db9758f/ 3 KB
987 B 325ms
323ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-56b61b1b0db9758f/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1ae74f96669622f297034428361fbd80018a0cbe1633935702a28d9c09bdd4d3

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: gzip
etag: -1593729010--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=57, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 811

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 155ms
153ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f2d685c08d8daee&bkl=0&bl=1&pdt=569&sid=5f2d685c08d8daee&pub=ra-56b61b1b0db9758f&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=ufile.io&fp=mdgyb93l&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=upload%20files%2Cfile%20hosting%2Cfile%20sharing%2Csend%20files&colc=1596811357056&jsl=1&uvs=5f2d685c764f9cd7000&skipb=1&callback=addthis.cbs.jsonp__66930753927091620
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-36-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c9f5ebce3c1dcb0e842fa19811585a984660d667e08401755191e45e93b778a

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 07 Aug 2020 14:42:37 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CFD5 0
0 35ms
35ms Document
text/html 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ufile.io/mdgyb93l
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Fri, 07 Aug 2020 14:42:37 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 45ms
40ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=2617130762&client=ca-pub-5877609709988775&eid=42530557%2C42530559%2C21066125&et=2&fwrattr=true&io=0&saldr=aa&oa=0.00&qid=CPLdz-2piesCFdvHuwgdgIgAJQ&rafmt=12&roa=0&slot=8585601956&sp=0%2C0&tgt=ins%2Faswift_0_expand.0&tr=245%2C248%2C1355%2C448&url=https%3A%2F%2Fufile.io%2Fmdgyb93l&vp=1600x1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 14:42:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 629B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ufile.io/mdgyb93l
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ufile.io/mdgyb93l

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 07 Aug 2020 14:08:46 GMT
expires: Sat, 07 Aug 2021 14:08:46 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2031
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame ADE8 118 KB
35 KB 84ms
21ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: ufile.io
URL: https://ufile.io/mdgyb93l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e563e3104a54f19f6a97257440c13628a985a03dffb25c58bfd3bac1cabbd4c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
content-length: 35682
x-served-by: cache-fra19163-FRA
last-modified: Thu, 09 Jul 2020 20:56:36 GMT
x-timer: S1596811357.274095,VS0,VE0
etag: "d10b37d9152134bd308e52878769618d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
x-cache-hits: 60061

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 6CE0 118 KB
35 KB 80ms
20ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: ufile.io
URL: https://ufile.io/mdgyb93l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e563e3104a54f19f6a97257440c13628a985a03dffb25c58bfd3bac1cabbd4c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
content-length: 35682
x-served-by: cache-fra19163-FRA
last-modified: Thu, 09 Jul 2020 20:56:36 GMT
x-timer: S1596811357.274080,VS0,VE0
etag: "d10b37d9152134bd308e52878769618d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
x-cache-hits: 60061

GET
H2 200 / Show response
settings.crisp.chat/client/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/ 78 B
347 B 33ms
30ms Script
application/javascript 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/?callback=window.%24crisp.__spool.website_handler&2020-7-7-16-42

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?98cb4fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8d922d6fc0f1a5331c26e6578730282c6d7b7a7ac7302ef74800599c0f8972d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5bf1c3e73ee9c2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c4830000c2e581863200000001
expires: Fri, 07 Aug 2020 17:42:55 GMT

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame AAE2 0
0 24ms
23ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Thu, 04 Jun 2020 17:26:54 GMT
etag: "31fb19c66779b8a0e4a23603f8131772"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Aug 2020 14:42:37 GMT
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 204943
x-timer: S1596811357.337846,VS0,VE0
vary: Accept-Encoding
age: 0
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-length: 1780

GET
H2 200 ad Show response
v.lkqd.net/ Frame ADE8 2 KB
2 KB 314ms
92ms XHR
application/xml 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=18875049&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a817dcc75d922a7b1fc683883bf168d1b638286a4b8c2dd99c1075aee749591a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1343

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 7849 0
0 23ms
21ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Thu, 04 Jun 2020 17:26:54 GMT
etag: "31fb19c66779b8a0e4a23603f8131772"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Aug 2020 14:42:37 GMT
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 204944
x-timer: S1596811357.374849,VS0,VE0
vary: Accept-Encoding
age: 0
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-length: 1780

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6CE0 180 B
350 B 278ms
91ms XHR
application/xml 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125981&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=8419897&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 42ms
39ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200805&jk=2585496254619055&bg=!wcKlwtpY1xrikWAF1XUCAAAAdlIAAAAOmQGfEzUo97LYGxWnaKly7kLuc003T2o_Ug8qglMFsDJx9bdKfEco5wjAAnY25i_9s51EgzYhBwHEJN9WPj-bU3JCfCHMyanGjFaB1vDUg7esRcYvMtI1m6hV7YWW4uUTub3H4RVDyhNtyXrrJDEi6wOtJvSYA-67v8rEv6hDKusDF035sHy_tKr_LbASKFy_C0rUxxAsAVIsDF73UIHsFm0_aJ8v_l9qejo7JHywCD4SWPoNpr0Kz0Qq8PSSHWKr-PFM9TlM9p75GRifReQXLH23iS3Nk6jE_xPt0do-2lQqALiHt2Qjxkn3acZls79d1sPCw4vDJCOsoSrm86Gkb4ZsoAKoLCVlAnMOIpApxyN8xNckxPxGXXbxdUCC58JncdNG7UbCbWAy1IRpekD7rtmwPaX4t1gzLLS-qHj1w1WQp7O-vfL76hfJGJChi9UK-xbj5NI4tFcGT42ZpzIl6SgXXxYJqNA3cWXpgVgKHyv1R9ujuFBO1jglpKWW6Y72LdEj-DV5clcRAZ_f2PhLP9EsbScOdkAnp5i1W3eC1Jwi_w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 14:42:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 46ms
45ms Script
application/javascript 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 07 Aug 2020 14:42:37 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H2 200 / Show response
graph.facebook.com/ 228 B
358 B 164ms
150ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fufile.io%2Fmdgyb93l&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_8ws90

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c097b5c9f603bab1ca78b4f8d896a2f62adc5e9b64d8df97c421d27b0b873d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "89c797decbe95989166f4867c6c4825704252e92"
status: 200
x-fb-rev: 1002481480
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 158
pragma: no-cache
x-fb-debug: 0vj4ZxFC/j+/kLAwTS0QN221jAEwwYrBBMQ55OESE9qfUemo5PapaSYrG8fHIo5qaAQilfxAnzB0gxqb086xNA==
x-fb-trace-id: DOzwaVyV//m
date: Fri, 07 Aug 2020 14:42:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AgpeROUs-Ci_gfZpPB1K2bo
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
283 B 207ms
201ms Script
application/json 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fufile.io%2Fmdgyb93l&callback=_ate.cbs.rcb_2fgu0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c62ef73a0215763e70038953666277b7ac2e5912c90f55518b6421f2fee6a21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: ufile.io/mdgyb93l
last-modified: Fri, 07 Aug 2020 14:42:37 GMT
server: nginx/1.15.8
date: Fri, 07 Aug 2020 14:42:37 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 / Show response
graph.facebook.com/ 65 B
486 B 98ms
86ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fufile.io%2Fmdgyb93l&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_5ugq0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f2960b000a312a54cc81dcd1faccaee1ff230e7339e343340cc0ddcefd6c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "b11c106eb75bb8f86b3a47bde890e65a29476a82"
status: 200
x-fb-rev: 1002481480
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65
pragma: no-cache
x-fb-debug: RYYSCRrKOIVcKmWeJROrN+9rMiVuMck5vET/aEaFok8GQSsx+jpTo18s6qBTqIoFWyEZ3KkTzIt2IIKI+Pn1mA==
x-fb-trace-id: GZaAc0lztiM
date: Fri, 07 Aug 2020 14:42:37 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AjzY9sVoIdv4y4tl3vNO7a9
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
283 B 207ms
202ms Script
application/json 2.21.36.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fufile.io%2Fmdgyb93l&callback=_ate.cbs.rcb_6gcc0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-36-164.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c370dc9ba4a27a1fc49dba430552a8e1748f6dba844e98e3955a2162fad9dfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: ufile.io/mdgyb93l
last-modified: Fri, 07 Aug 2020 14:42:37 GMT
server: nginx/1.15.8
date: Fri, 07 Aug 2020 14:42:37 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST t
t.lkqd.net/ Frame 0508 0
0

POST t
t.lkqd.net/ Frame 4C19 0
0

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame A8A8 230 KB
61 KB 20ms
20ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
content-length: 62007
x-served-by: cache-fra19163-FRA
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
x-timer: S1596811358.674135,VS0,VE0
etag: "37ec3f32952873470d227dd7944c04e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
x-cache-hits: 177172

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 4A34 0
0 21ms
21ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: csip=true; sr85=1||1596811357; lkqdidts=1596811357; sr90=1|4c_43398141-717a-4ac8-8646-9921feac8c0d|1596811357; sr55=1||1596811357; sr86=1|1040964861181740393|1596811357; lkqdid=xvyH3cYRqkI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Thu, 04 Jun 2020 17:26:54 GMT
etag: "31fb19c66779b8a0e4a23603f8131772"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Aug 2020 14:42:37 GMT
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 204945
x-timer: S1596811358.721239,VS0,VE0
vary: Accept-Encoding
age: 0
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-length: 1780

POST
H2 200 ad Show response
v.lkqd.net/ Frame A8A8 57 KB
5 KB 111ms
110ms XHR
application/json 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=18875049&m=&rtv=1&thost=ufile.io
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 81b2d5a819b49d769a8b33ba07d85cead18b22b07f0369b923a6870ac39d8b0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Aug 2020 14:42:38 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5069

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
settings.crisp.chat/client/website/9891a594-d15f-44d2-ad63-5e086be01a3a/ 3 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.crisp.chat/client/website/9891a594-d15f-44d2-ad63-5e086be01a3a/?callback=window.%24crisp.__spool.website_handler&1596540774096

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?98cb4fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b03b9e116a7a6e166d5a0d7533485b21cfb1407754efb995705efdc7a6e9c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6584
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c6260000c2e58189b200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 5bf1c3e9dc96c2e5-FRA
expires: Fri, 07 Aug 2020 16:52:42 GMT

GET
H2 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?98cb4fa

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?98cb4fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ebc49bf40feb58578f23b8b791e36492344dc445930cef9b37f6a383f40297d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6593
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c63a0000c2e5818ad200000001
last-modified: Thu, 06 Aug 2020 14:28:34 GMT
server: cloudflare
etag: W/"5f2c1392-1723"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
access-control-allow-credentials: false
cf-ray: 5bf1c3e9fcd9c2e5-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 947 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST t
t.lkqd.net/ Frame 7792 0
0

GET
H2 200 payment-options.png
ufile.io/assets/img/ 26 KB
26 KB 46ms
45ms Image
image/webp 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/payment-options.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
cf-cache-status: HIT
age: 1359079
cf-polished: origFmt=png, origSize=32805
status: 200
content-disposition: inline; filename="payment-options.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26398
cf-request-id: 046af8c6e30000dfd7220cb200000001
last-modified: Mon, 20 Jul 2020 08:19:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Mon, 18 Jan 2021 21:11:18 GMT
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 5bf1c3eb0a4ddfd7-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 banner.svg
ufile.io/assets/img/ 17 KB
13 KB 29ms
28ms Image
image/svg+xml 2606:4700:20::681a:20b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/banner.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:20b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b60361d7d573b0a4e2fa071423a7aa3b7a950d9fd9028eac54090b1bc4a8f18

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2069788
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 046af8c6e40000dfd7220cc200000001
last-modified: Mon, 13 Jul 2020 13:50:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 5bf1c3eb0a50dfd7-FRA
expires: Wed, 14 Jul 2021 15:46:09 GMT

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=660542049&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi....
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3d2f5700-d8bc-11ea-b56c-0661486b023f?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-V722Qkh1lxlSDMgPy.uoKbg7.cIVWseJmUbX&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V722Qkh1lxlSDMgPy.uoKbg7.cIVWseJmUbX&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

227 B
1 KB

71ms
27ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V722Qkh1lxlSDMgPy.uoKbg7.cIVWseJmUbX&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:38 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:38 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V722Qkh1lxlSDMgPy.uoKbg7.cIVWseJmUbX&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 102ms
59ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=1977176347&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C1074327276760140799396765197%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:38 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000456
X-SpotX-Timing-SpotMarket: 0.036394
X-SpotX-Timing-Page-Mux: 0.000882
X-SpotX-Timing-Page-Require: 0.000392
X-fe: 061
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000033
Content-Length: 76
X-SpotX-Timing-Page: 0.043709
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000439
Last-Modified: Fri, 07 Aug 2020 14:42:38 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.019864
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.005101
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.016530
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 106ms
66ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=524307178&player_width=400&player_height=225&ip_addr=185.217.171.12&device[ua]=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=52.0685&device[geo][lon]=5.1014&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C760140799396765197825664067%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:38 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000324
X-SpotX-Timing-SpotMarket: 0.045967
X-SpotX-Timing-Page-Mux: 0.001219
X-SpotX-Timing-Page-Require: 0.000313
X-fe: 015
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000036
Content-Length: 76
X-SpotX-Timing-Page: 0.050407
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000338
Last-Modified: Fri, 07 Aug 2020 14:42:38 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.031197
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.002201
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.014770
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=127916989&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3c98426c-d8bc-11ea-b4e8-02474a157ceb?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-pU4DyOR1lxkf.sUad43_gtpTbH89DgaKdp3l&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-pU4DyOR1lxkf.sUad43_gtpTbH89DgaKdp3l&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

227 B
1 KB

68ms
24ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-pU4DyOR1lxkf.sUad43_gtpTbH89DgaKdp3l&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:38 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:38 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-pU4DyOR1lxkf.sUad43_gtpTbH89DgaKdp3l&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=937753659&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.he...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3cb828f0-d8bc-11ea-84ce-0635e211e6be?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-V4Tkw6t1lxk7Ao_Bz60UCmGB9s2i7dvlyQy.&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V4Tkw6t1lxk7Ao_Bz60UCmGB9s2i7dvlyQy.&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

227 B
1 KB

68ms
23ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V4Tkw6t1lxk7Ao_Bz60UCmGB9s2i7dvlyQy.&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:38 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:38 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-V4Tkw6t1lxk7Ao_Bz60UCmGB9s2i7dvlyQy.&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1616642285&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.h...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3d324f29-d8bc-11ea-9ff1-023b13579d02?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-diby._51lxkqJ.t04azjHT5IuOBuHvGaGCpI&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-diby._51lxkqJ.t04azjHT5IuOBuHvGaGCpI&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

227 B
1 KB

67ms
22ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-diby._51lxkqJ.t04azjHT5IuOBuHvGaGCpI&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:38 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:38 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-diby._51lxkqJ.t04azjHT5IuOBuHvGaGCpI&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1616390324&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.h...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3c95cff5-d8bc-11ea-97c1-06fc49b55f21?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-t6aV7i91lxkzSDSXdLSeBnYtEYNup1vlC1IB&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-t6aV7i91lxkzSDSXdLSeBnYtEYNup1vlC1IB&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

227 B
1 KB

70ms
25ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-t6aV7i91lxkzSDSXdLSeBnYtEYNup1vlC1IB&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:38 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:38 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-t6aV7i91lxkzSDSXdLSeBnYtEYNup1vlC1IB&_origin=0&nsync=1&apid=VA3d2f5700-d8bc-11ea-b56c-0661486b023f
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

POST t
t.lkqd.net/ Frame 7792 0
0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vpaid_61a91407.js Show response
vpaid.springserve.com/production/ Frame 15F4 463 KB
96 KB 35ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cd01182001bf26f56fbf5e5afaaa9f1660b8d74598417c62a15986a8999dc32

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:38 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 14:43:03 GMT
server: AmazonS3
x-amz-request-id: CEFAA1DFA0928DCD
etag: "d06b0906e48f351b1d59decb61750cc9"
x-hw: 1596811358.dop244.fr8.t,1596811358.cds167.fr8.hn,1596811358.cds278.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=2284196
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97871
x-amz-id-2: mzqtl9QbEM0wnbTHq5qC6Jj+k/11CMQq0n8i/ZEhg8kLO0WiVJVoX5D7XoRyZCUmVQMvxwy39RM=

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 15F4 1 KB
1 KB 52ms
15ms XHR
application/xml 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9cb39145d3995da69200744f7f0e48957f00525a21b7a7d2ba592ed39e6eeaa1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:39 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-2da6-59b89486b7547"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://ufile.io
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 618
Expires: Fri, 07 Aug 2020 14:42:39 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 15F4 0
209 B 21ms
21ms XHR
application/json 18.185.216.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-216-221.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ufile.io
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 218945 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 15F4 0
1 KB 53ms
53ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/218945
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 07 Aug 2020 14:42:39 GMT
X-SpotX-Timing-Transform: 0.000281
X-SpotX-Timing-SpotMarket: 0.034317
X-SpotX-Timing-Page-Mux: 0.000220
X-SpotX-Timing-Page-Require: 0.000294
X-fe: 139
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000031
X-SpotX-Timing-Page: 0.038299
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000349
Last-Modified: Fri, 07 Aug 2020 14:42:39 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.017897
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.002795
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.016420
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 1BB6 149 KB
35 KB 21ms
20ms Script
text/javascript 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d7c89fd461b6f5cd5515ef8c34e1c5593a8a60b55d7240eba1cbd51d1636c8fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 May 2020 06:59:28 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-2553f-5a4f54e2932d9"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35375

POST t
t.lkqd.net/ Frame 7792 0
0

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame A768 0
0 55ms
25ms Document
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=121915
Expires: Sun, 09 Aug 2020 00:34:34 GMT
Date: Fri, 07 Aug 2020 14:42:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1BB6 37 KB
14 KB 46ms
15ms Script
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d2543f9f339387e31accc43bfeebf791c274a1e02f015797cff800fc08abb5ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94fd-5abd223c2ac92"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=121915
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Sun, 09 Aug 2020 00:34:34 GMT

GET
H/1.1 200
OK AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1BB6 27 B
0 363ms
45ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,&us_privacy=&cb=1596811359128&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fufile.io%252Fmdgyb93l&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fufile.io%252Fmdgyb93l&vwndref=&vc=2&js=1&sec=1&kltstamp=2020-8-7%2016:42:39&ranreq=0.12720888781038808&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:39 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://ufile.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 70 KB
71 KB 38ms
27ms Image
image/png 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2F7cb9acc5e4057400%2Fryan_1d112qw.png&width=240&height=240&1596540774096

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

333a0a3eee37cfb2f4ada9ddcb9f23f45123cbe7fa46f2fc0ed786b7f9582c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1020
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71922
cf-request-id: 046af8ce390000c2e58194b200000001
last-modified: Fri, 07 Aug 2020 03:36:48 GMT
server: cloudflare
etag: W/"118f2-173c6fe1afb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5bf1c3f6cfbac2e5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 238ms
221ms Font
application/font-woff2 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?98cb4fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?98cb4fa
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6580
status: 200
access-control-max-age: 300
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10252
cf-request-id: 046af8ce4000000eab05973200000001
last-modified: Thu, 06 Aug 2020 14:28:27 GMT
server: cloudflare
etag: "5f2c138b-280c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5bf1c3f6c94b0eab-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
11 KB 233ms
216ms Font
application/font-woff2 2606:4700:10::6816:3ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?98cb4fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ed1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?98cb4fa
Origin: https://ufile.io

Response headers

date: Fri, 07 Aug 2020 14:42:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6580
status: 200
access-control-max-age: 300
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10340
cf-request-id: 046af8ce4000000eab05974200000001
last-modified: Thu, 06 Aug 2020 14:28:27 GMT
server: cloudflare
etag: "5f2c138b-2864"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5bf1c3f6c94f0eab-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK i Show response
vid-io-iad.springserve.com/vd/ Frame 15F4 0
201 B 407ms
103ms XHR
text/plain 35.153.121.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=fbc99fe8&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.121.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-121-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ufile.io
Date: Fri, 07 Aug 2020 14:42:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 15F4 0
124 B 67ms
19ms Image
text/html 2.21.37.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1596811359&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.33 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:40 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

POST t
t.lkqd.net/ Frame 7792 0
0

GET
H2 200 ad Show response
v.lkqd.net/ Frame ADE8 2 KB
2 KB 93ms
92ms XHR
application/xml 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=52259043&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ccfda26e5b3b40dc1baf8fa470c0cb629ea4504c658ce3285c17f9cb781c310f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:40 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1341

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 1FDB 230 KB
61 KB 21ms
20ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:41 GMT
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
content-length: 62007
x-served-by: cache-fra19163-FRA
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
x-timer: S1596811361.051381,VS0,VE0
etag: "37ec3f32952873470d227dd7944c04e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
x-cache-hits: 177176

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame A7BB 0
0 20ms
19ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: csip=true; lkqdidts=1596811357; sr90=1|4c_43398141-717a-4ac8-8646-9921feac8c0d|1596811357; sr55=1||1596811357; sr86=1|1040964861181740393|1596811357; lkqdid=xvyH3cYRqkI; sr93=1|-v1kiFvRSxR3BsYFAQQvxbnZqww|1596811357; sr85=1|18072662231909838313|1596811358
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Thu, 04 Jun 2020 17:26:54 GMT
etag: "31fb19c66779b8a0e4a23603f8131772"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Aug 2020 14:42:41 GMT
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 204950
x-timer: S1596811361.091960,VS0,VE0
vary: Accept-Encoding
age: 0
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-length: 1780

POST
H2 200 ad Show response
v.lkqd.net/ Frame 1FDB 57 KB
5 KB 265ms
265ms XHR
application/json 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=52259043&m=&rtv=1&thost=ufile.io
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d18803f1fe36e9ac4d7531b363b40356b3e4aff25461c9992c4a5d2dacfca1c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Aug 2020 14:42:41 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5272

POST t
t.lkqd.net/ Frame 5F7B 0
0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=135250070&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi....
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=135250070&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.view...

249 B
1 KB

359ms
244ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=135250070&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=40861de6-b9ae-4931-8c81-f31afbd88883&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ1OS45ODQ2MTk6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD00MDg2MWRlNi1iOWFlLTQ5MzEtOGM4MS1mMzFhZmJkODg4ODM=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:41 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=135250070&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=40861de6-b9ae-4931-8c81-f31afbd88883&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ1OS45ODQ2MTk6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD00MDg2MWRlNi1iOWFlLTQ5MzEtOGM4MS1mMzFhZmJkODg4ODM=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 46ms
45ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=1446937240&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C1687339032709067275099802513%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:41 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000294
X-SpotX-Timing-SpotMarket: 0.019956
X-SpotX-Timing-Page-Mux: 0.001056
X-SpotX-Timing-Page-Require: 0.000413
X-fe: 018
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000006
Content-Length: 76
X-SpotX-Timing-Page: 0.030402
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000334
Last-Modified: Fri, 07 Aug 2020 14:42:41 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.019956
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.008331
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 59ms
58ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=114767946&player_width=400&player_height=225&ip_addr=185.217.171.12&device[ua]=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=52.0685&device[geo][lon]=5.1014&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C27090672750998025132071846564%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:41 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000359
X-SpotX-Timing-SpotMarket: 0.036396
X-SpotX-Timing-Page-Mux: 0.001030
X-SpotX-Timing-Page-Require: 0.000380
X-fe: 050
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 76
X-SpotX-Timing-Page: 0.043346
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000317
Last-Modified: Fri, 07 Aug 2020 14:42:41 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.022756
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.004829
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.013640
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1844042417&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5....
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1844042417&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20...

249 B
1 KB

573ms
449ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1844042417&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=72554c89-7fc0-4a12-8c90-50446eb49681&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ3MS42NjY1MDQ6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD03MjU1NGM4OS03ZmMwLTRhMTItOGM5MC01MDQ0NmViNDk2ODE=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:42 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1844042417&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=72554c89-7fc0-4a12-8c90-50446eb49681&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ3MS42NjY1MDQ6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD03MjU1NGM4OS03ZmMwLTRhMTItOGM5MC01MDQ0NmViNDk2ODE=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1060528862&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.h...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1060528862&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.heigh...

249 B
1 KB

541ms
434ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1060528862&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=c1a12868-1de2-4eff-be04-e8e7522c6375&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2OS44ODA2MTU6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD1jMWExMjg2OC0xZGUyLTRlZmYtYmUwNC1lOGU3NTIyYzYzNzU=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:42 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1060528862&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=c1a12868-1de2-4eff-be04-e8e7522c6375&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2OS44ODA2MTU6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD1jMWExMjg2OC0xZGUyLTRlZmYtYmUwNC1lOGU3NTIyYzYzNzU=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=153341756&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.he...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=153341756&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height...

249 B
1 KB

538ms
430ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=153341756&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=3550b948-801f-49f5-bd00-8c777ff52360&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2Ni45NzExOTE6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD0zNTUwYjk0OC04MDFmLTQ5ZjUtYmQwMC04Yzc3N2ZmNTIzNjA=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:42 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=153341756&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=3550b948-801f-49f5-bd00-8c777ff52360&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2Ni45NzExOTE6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD0zNTUwYjk0OC04MDFmLTQ5ZjUtYmQwMC04Yzc3N2ZmNTIzNjA=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=86908302&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.hei...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=86908302&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=...

249 B
1 KB

562ms
453ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=86908302&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=b8486dff-812a-4420-a8cc-b2229c9b45d3&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2OC4zNjk4NzM6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD1iODQ4NmRmZi04MTJhLTQ0MjAtYThjYy1iMjIyOWM5YjQ1ZDM=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:42 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=86908302&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=b8486dff-812a-4420-a8cc-b2229c9b45d3&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2MTQ2OC4zNjk4NzM6dXVpZD0iMzcyNDU5MDA2MzMwNzE3Mzg5NF9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBMzgiOmFwaWQ9VkEzZDJmNTcwMC1kOGJjLTExZWEtYjU2Yy0wNjYxNDg2YjAyM2Y6cmVxdWVzdF9pZD1iODQ4NmRmZi04MTJhLTQ0MjAtYThjYy1iMjIyOWM5YjQ1ZDM=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

POST t
t.lkqd.net/ Frame 5F7B 0
0

GET
DATA 200
OK truncated
/ Frame 1FDB 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_61a91407.js Show response
vpaid.springserve.com/production/ Frame 712E 463 KB
96 KB 8ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cd01182001bf26f56fbf5e5afaaa9f1660b8d74598417c62a15986a8999dc32

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:42 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 14:43:03 GMT
server: AmazonS3
x-amz-request-id: CEFAA1DFA0928DCD
etag: "d06b0906e48f351b1d59decb61750cc9"
x-hw: 1596811362.dop244.fr8.t,1596811362.cds167.fr8.hn,1596811362.cds278.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=2284192
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97871
x-amz-id-2: mzqtl9QbEM0wnbTHq5qC6Jj+k/11CMQq0n8i/ZEhg8kLO0WiVJVoX5D7XoRyZCUmVQMvxwy39RM=

POST t
t.lkqd.net/ Frame 5F7B 0
0

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 712E 1 KB
1 KB 17ms
17ms XHR
application/xml 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fe6d7d7d66f63f80f5c4511b68356af1b0bccf97f6ffc0f04d458d67c582cbd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:42 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-2da6-59b89486b7547"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://ufile.io
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 618
Expires: Fri, 07 Aug 2020 14:42:42 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 712E 0
209 B 21ms
20ms XHR
application/json 18.185.216.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-216-221.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ufile.io
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 218945 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 712E 0
977 B 39ms
38ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/218945
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 07 Aug 2020 14:42:42 GMT
X-SpotX-Timing-Transform: 0.000318
X-SpotX-Timing-SpotMarket: 0.019395
X-SpotX-Timing-Page-Mux: 0.000292
X-SpotX-Timing-Page-Require: 0.000322
X-fe: 048
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000005
X-SpotX-Timing-Page: 0.022612
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000297
Last-Modified: Fri, 07 Aug 2020 14:42:42 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.019395
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.001966
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000016
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame E7BC 149 KB
35 KB 20ms
19ms Script
text/javascript 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d7c89fd461b6f5cd5515ef8c34e1c5593a8a60b55d7240eba1cbd51d1636c8fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 May 2020 06:59:28 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-2553f-5a4f54e2932d9"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35375

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame ACF3 0
0 17ms
16ms Document
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=2D2AD832-9253-44AA-87DC-410536F55CF6; chkChromeAb67Sec=1; DPSync3=1597968000%3A201_197_219%7C1596844800%3A174; SyncRTB3=1598054400%3A35%7C1599350400%3A203%7C1597968000%3A223_170_220_56_54_88_176_81_161_8_55_166_71_165_22_99_204_194_189_21_13_7_3_195%7C1597622400%3A63%7C1597363200%3A15_67_2; PUBMDCID=3; SPugT=1596811359; KRTBCOOKIE_1101=23040-6858252564804794519; PugT=1596811359; KRTBCOOKIE_1051=22884-18072662231909838313; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_391=22924-4615531722557256769; KRTBCOOKIE_27=16735-uid:f71c5f2d-685f-4f00-829a-e07c82ddb3b1&KRTB&16736-uid:f71c5f2d-685f-4f00-829a-e07c82ddb3b1&KRTB&23019-uid:f71c5f2d-685f-4f00-829a-e07c82ddb3b1&KRTB&23114-uid:f71c5f2d-685f-4f00-829a-e07c82ddb3b1; KRTBCOOKIE_377=22918-39871f1a-61f1-4027-880b-6398666c76a4&KRTB&23031-39871f1a-61f1-4027-880b-6398666c76a4; KRTBCOOKIE_22=14911-2913010969505230872; KRTBCOOKIE_1074=22956-e_02f95140-8dd7-4292-9e56-1d040b9ecc16; KRTBCOOKIE_409=22966-hGj7zsGpzohmUfPo2TUnVRHS&KRTB&23212-hGj7zsGpzohmUfPo2TUnVRHS; KRTBCOOKIE_336=5844-7569631115530529942; KRTBCOOKIE_80=16514-CAESEJCNX1oM7vmconmy_gQVLcU&KRTB&22987-CAESEJCNX1oM7vmconmy_gQVLcU&KRTB&23025-CAESEJCNX1oM7vmconmy_gQVLcU; KRTBCOOKIE_153=19420-4bX9huLr-oT55PeB4-Hi0rew-9v546yBtuWCyWmY&KRTB&22979-4bX9huLr-oT55PeB4-Hi0rew-9v546yBtuWCyWmY; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=121912
Expires: Sun, 09 Aug 2020 00:34:34 GMT
Date: Fri, 07 Aug 2020 14:42:42 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E7BC 37 KB
14 KB 17ms
16ms Script
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d2543f9f339387e31accc43bfeebf791c274a1e02f015797cff800fc08abb5ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:42 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94fd-5abd223c2ac92"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=121912
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Sun, 09 Aug 2020 00:34:34 GMT

GET
H/1.1 200
OK AdServerServlet
vid.pubmatic.com/AdServer/ Frame E7BC 27 B
0 47ms
47ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,&us_privacy=&cb=1596811362159&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fufile.io%252Fmdgyb93l&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fufile.io%252Fmdgyb93l&vwndref=&vc=2&js=1&sec=1&kltstamp=2020-8-7%2016:42:42&ranreq=0.6798619071431076&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://ufile.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

POST
H/1.1 200
OK i Show response
vid-io-iad.springserve.com/vd/ Frame 712E 0
201 B 103ms
102ms XHR
text/plain 35.153.121.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=98f9a3d3&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.121.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-121-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ufile.io
Date: Fri, 07 Aug 2020 14:42:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 712E 0
124 B 21ms
20ms Image
text/html 2.21.37.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1596811362&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.33 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:42 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

POST t
t.lkqd.net/ Frame 5F7B 0
0

GET
H2 200 ad Show response
v.lkqd.net/ Frame ADE8 2 KB
2 KB 91ms
91ms XHR
application/xml 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=64547165&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a96f149e091d50303aeb5c95bcd14c723181788720bbe89bbd28bd840b8bff3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:43 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1341

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame DE6F 230 KB
61 KB 20ms
19ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:43 GMT
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
content-length: 62007
x-served-by: cache-fra19163-FRA
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
x-timer: S1596811363.438964,VS0,VE0
etag: "37ec3f32952873470d227dd7944c04e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
x-cache-hits: 177178

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame A717 0
0 22ms
22ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Thu, 04 Jun 2020 17:26:54 GMT
etag: "31fb19c66779b8a0e4a23603f8131772"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Aug 2020 14:42:43 GMT
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 204953
x-timer: S1596811363.475889,VS0,VE0
vary: Accept-Encoding
age: 0
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-length: 1780

POST
H2 200 ad Show response
v.lkqd.net/ Frame DE6F 50 KB
4 KB 113ms
112ms XHR
application/json 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=64547165&m=&rtv=1&thost=ufile.io
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e0b6448bf10fedd81d78ef9c7fcd567358353778816041251484f6e1b974b7e9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Aug 2020 14:42:43 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4264

POST t
t.lkqd.net/ Frame 943C 0
0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1903138480&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3f92e222-d8bc-11ea-81d6-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92e222-d8bc-11ea-81d6-068489b665ff

227 B
1 KB

26ms
25ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92e222-d8bc-11ea-81d6-068489b665ff

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:44 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:44 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92e222-d8bc-11ea-81d6-068489b665ff
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 52ms
52ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=1324446250&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C20135579256972064620170239340%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:43 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000248
X-SpotX-Timing-SpotMarket: 0.032408
X-SpotX-Timing-Page-Mux: 0.000910
X-SpotX-Timing-Page-Require: 0.000355
X-fe: 084
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
Content-Length: 76
X-SpotX-Timing-Page: 0.037144
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000300
Last-Modified: Fri, 07 Aug 2020 14:42:43 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.018485
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.002892
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.013923
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 62ms
62ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=739546614&player_width=400&player_height=225&ip_addr=185.217.171.12&device[ua]=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=52.0685&device[geo][lon]=5.1014&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C69720646201702393401320992445%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:43 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000368
X-SpotX-Timing-SpotMarket: 0.041254
X-SpotX-Timing-Page-Mux: 0.000832
X-SpotX-Timing-Page-Require: 0.000373
X-fe: 028
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000046
Content-Length: 76
X-SpotX-Timing-Page: 0.045751
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000402
Last-Modified: Fri, 07 Aug 2020 14:42:43 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.023798
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.002465
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.017456
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1175126825&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5....
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3f92614f-d8bc-11ea-81d6-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92614f-d8bc-11ea-81d6-068489b665ff

227 B
1 KB

69ms
24ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92614f-d8bc-11ea-81d6-068489b665ff

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:44 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:44 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA3f92614f-d8bc-11ea-81d6-068489b665ff
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=806081936&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.he...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA404fb4f4-d8bc-11ea-8bfa-069c67851ab4?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

227 B
1 KB

50ms
25ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:44 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:44 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=204366054&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.he...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA402dec22-d8bc-11ea-8dd2-06a022ec0fcb?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

227 B
1 KB

25ms
24ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:44 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:44 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1058654056&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.h...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA403dce95-d8bc-11ea-97c2-06fc49b55f21?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

227 B
1 KB

63ms
23ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:44 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:44 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA403dce95-d8bc-11ea-97c2-06fc49b55f21
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

POST t
t.lkqd.net/ Frame 943C 0
0

GET
H2 200 ad Show response
v.lkqd.net/ Frame ADE8 2 KB
2 KB 93ms
93ms XHR
application/xml 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=98310101&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 741473b7068a9311a2060998eb8dfd1a6dcacc8b50b59a89c8c8dae5e5af5b90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:44 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1344

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame A0BE 230 KB
61 KB 21ms
20ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:45 GMT
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
content-length: 62007
x-served-by: cache-fra19163-FRA
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
x-timer: S1596811365.001406,VS0,VE0
etag: "37ec3f32952873470d227dd7944c04e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
x-cache-hits: 177180

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 2638 0
0 20ms
19ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: csip=true; lkqdidts=1596811363; sr55=1||1596811363; sr86=1|1040964861181741528|1596811363; lkqdid=P5tBXQN7KAo; sr90=1|4c_906b5a3b-661f-4462-a57d-865a715cf6c2|1596811363; sr93=1|vU091XR1RfBcqPNd7aiUobnZqww|1596811363; sr85=1|18072662231909838237|1596811363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Thu, 04 Jun 2020 17:26:54 GMT
etag: "31fb19c66779b8a0e4a23603f8131772"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Aug 2020 14:42:45 GMT
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 204955
x-timer: S1596811365.071616,VS0,VE0
vary: Accept-Encoding
age: 0
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-length: 1780

POST
H2 200 ad Show response
v.lkqd.net/ Frame A0BE 50 KB
4 KB 109ms
109ms XHR
application/json 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=98310101&m=&rtv=1&thost=ufile.io
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 95621b2ab7451fa7fe9ed3e316a1559316161308c8db332e1f2f4cf7b1f89c01

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Aug 2020 14:42:45 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4052

POST t
t.lkqd.net/ Frame C384 0
0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=369116379&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi....
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=369116379&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.view...

249 B
1 KB

479ms
479ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=369116379&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=b71e4873-a843-4a63-9c25-0dc5bbfbecb1&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4Ny41ODM5ODQ6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1iNzFlNDg3My1hODQzLTRhNjMtOWMyNS0wZGM1YmJmYmVjYjE=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:45 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=369116379&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=b71e4873-a843-4a63-9c25-0dc5bbfbecb1&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4Ny41ODM5ODQ6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1iNzFlNDg3My1hODQzLTRhNjMtOWMyNS0wZGM1YmJmYmVjYjE=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 55ms
55ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=1141464790&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C19025051656509424265752206693%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:45 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000263
X-SpotX-Timing-SpotMarket: 0.035422
X-SpotX-Timing-Page-Mux: 0.000901
X-SpotX-Timing-Page-Require: 0.000305
X-fe: 121
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000037
Content-Length: 76
X-SpotX-Timing-Page: 0.039387
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000364
Last-Modified: Fri, 07 Aug 2020 14:42:45 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.019020
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.002087
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.016402
X-SpotX-Timing-Page-URI: 0.000007
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 44ms
44ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=489389308&player_width=400&player_height=225&ip_addr=185.217.171.12&device[ua]=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=52.0685&device[geo][lon]=5.1014&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C65094242657522066931559816620%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:45 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000315
X-SpotX-Timing-SpotMarket: 0.023646
X-SpotX-Timing-Page-Mux: 0.001133
X-SpotX-Timing-Page-Require: 0.000554
X-fe: 073
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
Content-Length: 76
X-SpotX-Timing-Page: 0.027837
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000542
Last-Modified: Fri, 07 Aug 2020 14:42:45 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.023646
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.001629
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=260045711&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=260045711&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%...

249 B
1 KB

431ms
431ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=260045711&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=da5f3928-4ce9-493b-b9a3-ae6535926bfa&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4OS4yMjIxNjg6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1kYTVmMzkyOC00Y2U5LTQ5M2ItYjlhMy1hZTY1MzU5MjZiZmE=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:45 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=260045711&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&a.ip=185.217.171.12&a.ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&lat=52.0685&lon=5.1014&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=da5f3928-4ce9-493b-b9a3-ae6535926bfa&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4OS4yMjIxNjg6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1kYTVmMzkyOC00Y2U5LTQ5M2ItYjlhMy1hZTY1MzU5MjZiZmE=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1207111882&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.h...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1207111882&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.heigh...

249 B
1 KB

438ms
437ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1207111882&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=c382dbca-47b9-40c5-adb8-0aa654d932d8&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI5MC4yNDEyMTE6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1jMzgyZGJjYS00N2I5LTQwYzUtYWRiOC0wYWE2NTRkOTMyZDg=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:45 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1207111882&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=c382dbca-47b9-40c5-adb8-0aa654d932d8&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI5MC4yNDEyMTE6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD1jMzgyZGJjYS00N2I5LTQwYzUtYWRiOC0wYWE2NTRkOTMyZDg=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=11411992&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.hei...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=11411992&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=...

249 B
1 KB

432ms
431ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=11411992&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=7a5e607d-b897-47e7-9af4-a5594af8099d&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4Ni45NTgyNTI6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD03YTVlNjA3ZC1iODk3LTQ3ZTctOWFmNC1hNTU5NGFmODA5OWQ=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:45 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=11411992&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=7a5e607d-b897-47e7-9af4-a5594af8099d&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI4Ni45NTgyNTI6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD03YTVlNjA3ZC1iODk3LTQ3ZTctOWFmNC1hNTU5NGFmODA5OWQ=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=272572805&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.he...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=272572805&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height...

249 B
1 KB

431ms
431ms

XHR
text/xml

35.158.16.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=272572805&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=99f8b60d-e0b2-4d3c-a396-4fdfe30073ba&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI5Ni4xMjUyNDQ6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD05OWY4YjYwZC1lMGIyLTRkM2MtYTM5Ni00ZmRmZTMwMDczYmE=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.16.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-16-127.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.113 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:45 GMT
content-encoding: gzip
server: ATS/7.1.2.113
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://ufile.io
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=272572805&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=99f8b60d-e0b2-4d3c-a396-4fdfe30073ba&a.is_yahoo=3&redirect_y=dHM9MTU5NjgxMTM2NTI5Ni4xMjUyNDQ6dXVpZD0iMjE4NTkyNTQ3Njk4ODQ3MDc3Nl9fVElNRV9fMjAyMC0wOC0wNyswNyUzQTQyJTNBNDMiOmFwaWQ9VkE0MDNkY2U5NS1kOGJjLTExZWEtOTdjMi0wNmZjNDliNTVmMjE6cmVxdWVzdF9pZD05OWY4YjYwZC1lMGIyLTRkM2MtYTM5Ni00ZmRmZTMwMDczYmE=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

POST t
t.lkqd.net/ Frame C384 0
0

GET
H2 200 ad Show response
v.lkqd.net/ Frame ADE8 2 KB
2 KB 91ms
91ms XHR
application/xml 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=93132824&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: b4a058443c801df84d47bac0c306b507a460ec27ecfe5083e3e44f2a1e3f519a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:46 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1342

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 5376 230 KB
61 KB 22ms
21ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:46 GMT
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
content-length: 62007
x-served-by: cache-fra19163-FRA
last-modified: Thu, 09 Jul 2020 20:56:30 GMT
x-timer: S1596811366.402945,VS0,VE0
etag: "37ec3f32952873470d227dd7944c04e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
x-cache-hits: 177181

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 3D5B 0
0 21ms
21ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Thu, 04 Jun 2020 17:26:54 GMT
etag: "31fb19c66779b8a0e4a23603f8131772"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Aug 2020 14:42:46 GMT
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 204956
x-timer: S1596811366.442392,VS0,VE0
vary: Accept-Encoding
age: 0
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-length: 1780

POST
H2 200 ad Show response
v.lkqd.net/ Frame 5376 51 KB
5 KB 508ms
508ms XHR
application/json 146.20.128.94
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1125980&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C58638%2C1%2C&rnd=93132824&m=&rtv=1&thost=ufile.io
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.94 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9eb58ef0ad18d984a21ac7263646b69114127905a6810986628a8a0187342315

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Aug 2020 14:42:46 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://ufile.io
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4791

POST t
t.lkqd.net/ Frame 8167 0
0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1843132716&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.height=225&pi...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA429369f8-d8bc-11ea-92b6-026cfb548a2e?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

227 B
1 KB

63ms
24ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:47 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:47 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 41ms
40ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fufile.io%2Fmdgyb93l&cb=805724386&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C58638%2C1%2C9958976238095254509626387681%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ufile.io/mdgyb93l
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:47 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000268
X-SpotX-Timing-SpotMarket: 0.020627
X-SpotX-Timing-Page-Mux: 0.001214
X-SpotX-Timing-Page-Require: 0.000329
X-fe: 034
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
Content-Length: 76
X-SpotX-Timing-Page: 0.024862
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000466
Last-Modified: Fri, 07 Aug 2020 14:42:47 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.020627
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ufile.io
X-SpotX-Timing-Page-Misc: 0.001941
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1543011586&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.h...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA42910f79-d8bc-11ea-a1eb-06fca2a61b2f?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA42910f79-d8bc-11ea-a1eb-06fca2a61b2f

227 B
1 KB

23ms
22ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA42910f79-d8bc-11ea-a1eb-06fca2a61b2f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:47 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:47 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA42910f79-d8bc-11ea-a1eb-06fca2a61b2f
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=129226824&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.he...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA42925e14-d8bc-11ea-b568-022ae074647e?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

227 B
1 KB

23ms
22ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:47 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:47 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=293591141&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fufile.io%2Fmdgyb93l&eov=eov&pi.width=400&pi.he...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA428c8db9-d8bc-11ea-a320-068ca93f1b73?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

227 B
1 KB

44ms
24ms

XHR
text/xml

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:47 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.113
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Fri, 07 Aug 2020 14:42:47 GMT
status: 302
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-2K1eFkp1lxmPLRo5Svm.AeFwZfXKCPW0kkE8&_origin=0&nsync=1&apid=VA429369f8-d8bc-11ea-92b6-026cfb548a2e
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

POST t
t.lkqd.net/ Frame 8167 0
0

GET
DATA 200
OK truncated
/ Frame 5376 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_61a91407.js Show response
vpaid.springserve.com/production/ Frame 14B1 463 KB
96 KB 9ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cd01182001bf26f56fbf5e5afaaa9f1660b8d74598417c62a15986a8999dc32

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 14:42:47 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 14:43:03 GMT
server: AmazonS3
x-amz-request-id: CEFAA1DFA0928DCD
etag: "d06b0906e48f351b1d59decb61750cc9"
x-hw: 1596811367.dop244.fr8.t,1596811367.cds167.fr8.hn,1596811367.cds278.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=2284187
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97871
x-amz-id-2: mzqtl9QbEM0wnbTHq5qC6Jj+k/11CMQq0n8i/ZEhg8kLO0WiVJVoX5D7XoRyZCUmVQMvxwy39RM=

POST t
t.lkqd.net/ Frame 8167 0
0

GET
H2 200 tag.xml Show response
vastserverad.com/criteo/ Frame 14B1 802 B
633 B 156ms
41ms XHR
text/xml 195.181.167.18
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://vastserverad.com/criteo/tag.xml
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.167.18 Madrid, Spain, ASN60068 (CDN77, GB),
Reverse DNS: madrid-11.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 45e38823533a42a8d7bcc02001541e5880e4182af84c29491da4e43a2979e149

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1pwunfpf9cdUOAA==
date: Fri, 07 Aug 2020 14:42:47 GMT
content-encoding: br
status: 200
last-modified: Wed, 06 May 2020 12:57:21 GMT
server: CDN77-Turbo
x-edge-pop: madridES
etag: W/"5eb2b431-322"
vary: Origin
x-cache: HIT
content-type: text/xml
access-control-allow-origin: https://ufile.io
access-control-allow-credentials: true
x-edge-ip: 195.181.167.11
x-age: 972145

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 14B1 1 KB
1 KB 17ms
16ms XHR
application/xml 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: dc04b3fe3634299a59d8bd42b8be53e07235af5bc543c25a7b7a24ea016038c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 14:42:47 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-2da6-59b89486b7547"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://ufile.io
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 618
Expires: Fri, 07 Aug 2020 14:42:47 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 14B1 0
209 B 29ms
29ms XHR
application/json 18.185.216.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_61a91407.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-216-221.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ufile.io
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame E119 149 KB
35 KB 22ms
22ms Script
text/javascript 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d7c89fd461b6f5cd5515ef8c34e1c5593a8a60b55d7240eba1cbd51d1636c8fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 May 2020 06:59:28 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-2553f-5a4f54e2932d9"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35375

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame A18E 0
0 16ms
16ms Document
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=121907
Expires: Sun, 09 Aug 2020 00:34:34 GMT
Date: Fri, 07 Aug 2020 14:42:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E119 37 KB
14 KB 17ms
16ms Script
text/html 92.122.252.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-114.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d2543f9f339387e31accc43bfeebf791c274a1e02f015797cff800fc08abb5ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 14:42:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-94fd-5abd223c2ac92"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=121907
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 13837
Expires: Sun, 09 Aug 2020 00:34:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ufile.io/	1970-01-19 11:34:54	Name: __cflb Value: 02DiuHS3BYYUk7Vk5kbS5opKLteVFvC6qK47B33XC6M3A
.ufile.io/	1970-01-19 11:34:57	Name: ci_sessions Value: otem1lkkp9rro2qnn5ms9q02kk6a5lvj
.ufile.io/	1970-01-19 11:33:52	Name: csrf_cookie_name Value: 16c9b2c11bc03f33b4ee2596a9115fe7
ufile.io/	1970-01-19 11:43:36	Name: AWSALB Value: u2k/W8h1gQ62luBkRACk+yq0fMf8BrvDbGKbOy0hE7/k29qTP40GIx3kose5x4jXnrD8xxA90tN8pQkB1RAUIAwZrOXu/3SED0MvqyUVV4MkHCzIm3ymQg9gSGPt
ufile.io/	1970-01-19 11:43:36	Name: AWSALBCORS Value: u2k/W8h1gQ62luBkRACk+yq0fMf8BrvDbGKbOy0hE7/k29qTP40GIx3kose5x4jXnrD8xxA90tN8pQkB1RAUIAwZrOXu/3SED0MvqyUVV4MkHCzIm3ymQg9gSGPt
.ufile.io/	1970-01-19 12:16:43	Name: __cfduid Value: d695fd7d89e823abafe6b495d1bbd5e1f1596811356

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,&us_privacy=&cb=1596811359128
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fufile.io%252Fmdgyb93l&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fufile.io%252Fmdgyb93l&vwndref=&vc=2&js=1&sec=1&kltstamp=2020-8-7 16:42:39&ranreq=0.12720888781038808&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:PM AdRequest Time: 0.877secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:Ad Error Time: 0.881secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-info:Total Component Time since player call: 0.925secs.
console-api	warning	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811358082,,(Line 178) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,&us_privacy=&cb=1596811362159
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fufile.io%252Fmdgyb93l&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fufile.io%252Fmdgyb93l&vwndref=&vc=2&js=1&sec=1&kltstamp=2020-8-7 16:42:42&ranreq=0.6798619071431076&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:PM AdRequest Time: 0.556secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:Ad Error Time: 0.558secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-info:Total Component Time since player call: 0.592secs.
console-api	warning	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811361392,,(Line 178) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,(Line 178) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,(Line 178) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,(Line 178) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fufile.io%2Fmdgyb93l&schain=1.0,1!vidoomy.com,58638,1,1596811366582,,(Line 178) Message: pm-info:into initAd method

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.lkqd.net
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
aktrack.pubmatic.com
analytics.uploadfiles.io
api-public.addthis.com
client.crisp.chat
googleads.g.doubleclick.net
graph.facebook.com
image.crisp.chat
m.addthis.com
pagead2.googlesyndication.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
s7.addthis.com
search.spotxchange.com
settings.crisp.chat
stats.g.doubleclick.net
t.lkqd.net
tpc.googlesyndication.com
ufile.io
ups.analytics.yahoo.com
v.lkqd.net
v1.addthisedge.com
vastserverad.com
vid-io-iad.springserve.com
vid.pubmatic.com
vpaid.pubmatic.com
vpaid.springserve.com
www.google-analytics.com
www.googletagservices.com
z.moatads.com
s7.addthis.com
t.lkqd.net
146.20.128.94
151.101.14.133
18.156.0.31
18.185.216.221
185.64.190.75
185.94.180.124
195.181.167.18
2.21.36.164
2.21.37.33
2001:4de0:ac18::1:a:3a
2606:4700:10::6816:3ed1
2606:4700:20::681a:20b
2606:4700:20::681b:2774
2606:4700::6810:85e5
2a00:1288:110:c305::8000
2a00:1450:4001:814::200e
2a00:1450:4001:815::2002
2a00:1450:4001:816::200a
2a00:1450:4001:825::2001
2a00:1450:400c:c00::9d
2a03:2880:f01c:800e:face:b00c:0:2
3.126.63.176
3.17.116.255
35.153.121.69
35.158.16.127
92.122.252.114
92.122.255.233
008dd386dfafcd48e846499b13ead5a5461657ef655da0862362b411cdd4d961
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
084e8a9d6bb93acc321931dc67b1683d21b31eebc7f8f7ad1924949bb59e4a02
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
1ae537941145d2e34b92bfaeb3af7453eca1f40512e365a37e35f164b99ba20f
1ae74f96669622f297034428361fbd80018a0cbe1633935702a28d9c09bdd4d3
1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
26707b5321012a13ff9b5527dadb1f99f5f14dd6553583380b43f37c5a906d41
2a0a7014b24badc2db61d6678a7e4ef9420ee5f87b6543da7b14b3b500c4d32c
333a0a3eee37cfb2f4ada9ddcb9f23f45123cbe7fa46f2fc0ed786b7f9582c49
3abe513abec2faca1f25159dfbea4ee92f8907c2f9397da3046336065fd661e6
3ae57b0141f0c12bf8b58974b4defad82a7c3c5f116f57753c69f1a54d93f378
3c9f5ebce3c1dcb0e842fa19811585a984660d667e08401755191e45e93b778a
3f2960b000a312a54cc81dcd1faccaee1ff230e7339e343340cc0ddcefd6c92e
45e38823533a42a8d7bcc02001541e5880e4182af84c29491da4e43a2979e149
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4b03b9e116a7a6e166d5a0d7533485b21cfb1407754efb995705efdc7a6e9c61
4ebc49bf40feb58578f23b8b791e36492344dc445930cef9b37f6a383f40297d
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5882032298738f7fe2a012b31813698803500fcef0cb0de7f0e3e8ae8673a5c2
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
64f9c8880a46cadb6e7cf67dce6bbe63c9f1e179c4184bb348e1ebf7a0de963f
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6cd01182001bf26f56fbf5e5afaaa9f1660b8d74598417c62a15986a8999dc32
6d18803f1fe36e9ac4d7531b363b40356b3e4aff25461c9992c4a5d2dacfca1c
6d8a803442173e717352a0a46e31dbe71183a1649f4d94c40caa6909ad601b56
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
741473b7068a9311a2060998eb8dfd1a6dcacc8b50b59a89c8c8dae5e5af5b90
78c2aa8c9ca6e79b1fd9d827778a21d05331a9fb568d251dd2984b3e349d6f94
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a45851bbbb2e9e87437cf47f263a4a1ca5c57adb7abbc562bfc6a6838dd3d46
7c097b5c9f603bab1ca78b4f8d896a2f62adc5e9b64d8df97c421d27b0b873d2
7c483b07112a63520c42ab64a30374679fbb23f841771bf1b15db5518526da5a
81b2d5a819b49d769a8b33ba07d85cead18b22b07f0369b923a6870ac39d8b0c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b60361d7d573b0a4e2fa071423a7aa3b7a950d9fd9028eac54090b1bc4a8f18
8ee54d2ed3783715fc679fefcae7a339c21cf4797f30f35fb73a9e15ae919724
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
95621b2ab7451fa7fe9ed3e316a1559316161308c8db332e1f2f4cf7b1f89c01
9a96f149e091d50303aeb5c95bcd14c723181788720bbe89bbd28bd840b8bff3
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cb39145d3995da69200744f7f0e48957f00525a21b7a7d2ba592ed39e6eeaa1
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053
9eb58ef0ad18d984a21ac7263646b69114127905a6810986628a8a0187342315
a5cde516e14ddc09ee01b50a6a7a8dc71baa58b84f07048f7305ed6b15bb9c1a
a817dcc75d922a7b1fc683883bf168d1b638286a4b8c2dd99c1075aee749591a
ae04bccb3edef584ed6b26b962e0e8d21c22fe4aa5e7acaaea1fb68a2e0c4852
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b4a058443c801df84d47bac0c306b507a460ec27ecfe5083e3e44f2a1e3f519a
beaef9b022c10624a25f016a19bb35f641b792e7733e29bd24aec8f7623f8852
c1a70ce439c31161f186cfc2be97b5201d8b8528b64018c301dd7d5c3d8f0985
c370dc9ba4a27a1fc49dba430552a8e1748f6dba844e98e3955a2162fad9dfd6
c62ef73a0215763e70038953666277b7ac2e5912c90f55518b6421f2fee6a21f
ccfda26e5b3b40dc1baf8fa470c0cb629ea4504c658ce3285c17f9cb781c310f
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
ce38572c44184f2168c0b6e393318c674da0a0704e8fcb35d0dc5bfb1a6e303f
d2543f9f339387e31accc43bfeebf791c274a1e02f015797cff800fc08abb5ce
d7c89fd461b6f5cd5515ef8c34e1c5593a8a60b55d7240eba1cbd51d1636c8fe
d7dbc4ac9afa4a8af498bb4de9466a76594213f30f18445e371f124b73d0db81
dc04b3fe3634299a59d8bd42b8be53e07235af5bc543c25a7b7a24ea016038c6
e0b6448bf10fedd81d78ef9c7fcd567358353778816041251484f6e1b974b7e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f30d39b5b4d6a72db444127844d1379b457ce3f5f75e38ae748cce113be321
e563e3104a54f19f6a97257440c13628a985a03dffb25c58bfd3bac1cabbd4c3
e8d922d6fc0f1a5331c26e6578730282c6d7b7a7ac7302ef74800599c0f8972d
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151
f95f6f7087901697190ec95d0497dfff00cd7ab4c0d048d414e4b0e40a89c951
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe6d7d7d66f63f80f5c4511b68356af1b0bccf97f6ffc0f04d458d67c582cbd0

ufile.io Open in urlscan Pro 2606:4700:20::681a:20b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

165 Requests

88 %HTTPS

44 %IPv6

23 Domains

38 Subdomains

26 IPs

9 Countries

1932 kBTransfer

6625 kBSize

6 Cookies

4 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ufile.io Open in urlscan Pro
2606:4700:20::681a:20b Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

88 %
HTTPS

44 %
IPv6

23
Domains

38
Subdomains

26
IPs

9
Countries

1932 kB
Transfer

6625 kB
Size

6
Cookies

165 HTTP transactions
10 data transactions