urlscan.io logo urlscan.io
SecurityTrails logo

ut-files.com Open in urlscan Pro
104.152.186.134  Public Scan

Go To Rescan Add Verdict Report
URL: https://ut-files.com/
Submission: On January 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 37 HTTP transactions. The main IP is 104.152.186.134, located in United States and belongs to DACEN-2, US. The main domain is ut-files.com.
TLS certificate: Issued by R3 on January 20th 2024. Valid for: 3 months.
This is the only time ut-files.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    104.152.186.134 (United States)

ASN31863 (DACEN-2, US)
ut-files.com
7    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
4    2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
2    142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
www.googleadservices.com
1    2607:f8b0:4004:c08::93 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
297 KB
8 ut-files.com
ut-files.com
50 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
45 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
47 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2611
4 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
66 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
37 9
Domain Requested by
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 ut-files.com ut-files.com
7 pagead2.googlesyndication.com ut-files.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
2 www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.paypalobjects.com ut-files.com
1 www.google.com tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
37 11
Subject Issuer Validity Valid
ut-files.com
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://ut-files.com/
Frame ID: 003329D837F3C433A84CD2A76BF608DB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 0419F8D86DC2C92F117A9C955CB48A1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Frame ID: 996979A4220C93539B3294034AF80E3E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&adk=1812271804&adf=1573534164&lmt=1705966364&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fut-files.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364240&bpp=3&bdt=349&idt=274&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5582847856808&frm=20&pv=1&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283
Frame ID: E12360467B96A9D2022ABA942080E2E7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: EEF23EDC2E68F4CF8C7E7CB76624C342
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 348E2B363BD59C6ED5DBF7ACF08DBD2F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B48986FB33FD0CE2CDF724C949EBE248
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

www.ut-files.com Index of ./

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

37
Requests

97 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

1
Countries

510 kB
Transfer

1241 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYi45HPuuZeiVIt_KxtYP3rC7sASDxrq9dcbE_ZShDYnJpJLHIhABIMXytyJgyYaAgNyjxBCgAczpof4DyAEJqAMByAPLBKoE8QFP0O1lz9l8vTkcR0LwycsyrdocKqHP9smK0RX6509WqxA4h_jLQ8jABm8acFT9xamdzZ1KT6673yNfr0hii1eWmrX4lgOlm6AU2iGjb20xmBIrjKrLl26Iu97d_FS-cFr72m8VJB0yhmjwNyzMd17fYTrh65TJUSyPPynnoSCTm2ZtZo0EBKEmHe0rGQNL50h-C1y4gvPOkgRTEgtLEh4rxODb1vEGzOwD225lzYaePJ9bcnSef4FTQYGjinv9RGVm3t7mgNtUFHMzE30sRT-3TmNQKbwauJG2F-9Raz3bNgrQFGzA-o9kzzvzmpz-k4rbwASY_vLL0gOIBYuH9rIukgUECAQYAZIFBAgFGASgBi6AB5yW3gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCQ3gPSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMLaofmT8oMDmglGaHR0cHM6Ly93d3cubGFyc29uZWxlY3Ryb25pY3MuY29tL2NhdGVnb3J5LzYwMS9pbmR1c3RyaWFsLXRyYW5zZm9ybWVyc4AKAcgLAdoMEAoKELCjvqbalur1HxICAQO4E-QD2BMLiBQD0BUBmBYBgBcBshccChoIABIUcHViLTIwMjQxODMxOTg3NjEwMTUYAA&sigh=9uny3eZ1UQI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_hBT1PcdSpekV4RlWbp4KQHcnj295HkOKnRSk699vUuCzlUpNEtSt3Qjybze11bXT0Me4tYSN0DsweSFDZOdZF5nGQWfE9fqMSxgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf3df558c8a5aee5d0000000000000000%22,%222%22:%220xf34fe06914229fa20000000000000000%22,%223%22:%220x4e1db0f5b61df3f10000000000000000%22,%224%22:%220xb8567257837df30e0000000000000000%22,%225%22:%220xe4323ae4997e1cd20000000000000000%22},%22debug_key%22:%2218291390887997929783%22,%22debug_reporting%22:true,%22destination%22:%22https://larsonelectronics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070101708%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229175057815418066561%22}&andc=true

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ut-files.com/ 		21 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ut-files.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
532dd49fb9c2eeb53cb66e54d27b790fb615170e5355a3780a72d5eb24f2fbe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2831
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jan 2024 23:32:43 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
default.css
ut-files.com/templates/default/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ut-files.com/templates/default/default.css
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
fce3146db7f31aa695f43e35fc5a258e88500a9df63f71c46c91f04e08f42812

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 23:32:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Jan 2024 00:34:11 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=63072000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1164
dir.png
ut-files.com/index_icons/winxp/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut-files.com/index_icons/winxp/dir.png
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
f79a6d49fff3383d5cea68623ac3765a813c0f0baf56c4df1f816b3ceea7deb2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 23:32:43 GMT
Last-Modified
Sat, 20 Jan 2024 23:35:57 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=63072000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3151
search.png
ut-files.com/index_icons/winxp/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut-files.com/index_icons/winxp/search.png
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
ca0bdfb6519d9fbf610d062c04dd02daeca87eeefa54a5f7a9a65aec021baf5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 23:32:44 GMT
Last-Modified
Sat, 20 Jan 2024 23:35:58 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=63072000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3382
login.png
ut-files.com/index_icons/winxp/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut-files.com/index_icons/winxp/login.png
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
452c17ad60e1d283d39430d636f04ed2846fd9a2f13a11985cf4ac3a6c180e07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 23:32:44 GMT
Last-Modified
Sat, 20 Jan 2024 23:35:57 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=63072000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3318
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b259ffd900fb567c80ccd5a0762a7dc4f6a09311e96e24bbde5d0118bfe1f6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51065
x-xss-protection
0
server
cafe
etag
3500098036194434356
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 22 Jan 2024 23:32:44 GMT
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9B05) /
Resource Hash
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
f42b14747710f
dc
ccg11-origin-www-1.paypal.com
content-length
3099
last-modified
Thu, 27 May 2021 14:20:07 GMT
server
ECAcc (mic/9B05)
traceparent
00-0000000000000000000f42b14747710f-8b4868ec1f4b8f85-01
etag
"60afaa97-c1b"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 23 Jan 2024 00:32:44 GMT
pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9BB9) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:34 GMT
server
ECAcc (mic/9BB9)
etag
"5d5637be-2b"
x-cache
HIT
content-type
image/gif
paypal-debug-id
d1c4cfe1ff620
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
content-length
43
expires
Tue, 23 Jan 2024 00:32:44 GMT
alternate.css
ut-files.com/templates/default/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ut-files.com/templates/default/alternate.css
Requested by
Host: ut-files.com
URL: https://ut-files.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
51b683ae01d97e6ac9894e2f2550fe11153f7593fcbd30052696ca8a3527395f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 23:32:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Jan 2024 00:16:01 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=63072000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
762
utfiles2.jpg
ut-files.com/templates/default/images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut-files.com/templates/default/images/utfiles2.jpg
Requested by
Host: ut-files.com
URL: https://ut-files.com/templates/default/default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
2d8ec02b081acb933f869c2a72e722b1c01080007a097ebae963c5c285f097f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/templates/default/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 23:32:44 GMT
Last-Modified
Sun, 21 Jan 2024 00:30:06 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=63072000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
33189
navbg.jpg
ut-files.com/templates/default/images/ 		596 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut-files.com/templates/default/images/navbg.jpg
Requested by
Host: ut-files.com
URL: https://ut-files.com/templates/default/default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.186.134 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software
Apache /
Resource Hash
d5065656d822730532698678d5f2aa94bfd9156a9b91ac2790105f651e9c536a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/templates/default/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 22 Jan 2024 23:32:44 GMT
Last-Modified
Sun, 21 Jan 2024 00:30:06 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=63072000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
596
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc1c6a65b7de78402b749cc9b50e7dc7de83c3bb4ed9b1e4fc87b6036559ba58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139769
x-xss-protection
0
server
cafe
etag
17736872745778471728
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Jan 2024 23:32:44 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 0419 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ut-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
14731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 19:27:13 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 19:27:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9969 		119 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
767d4c5c1ad1a21e4e3ee176bf7da623249d92e8f0d2d9f53acef80b12258535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ut-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40923
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 23:32:44 GMT
expires
Mon, 22 Jan 2024 23:32:44 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E123 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&adk=1812271804&adf=1573534164&lmt=1705966364&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fut-files.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364240&bpp=3&bdt=349&idt=274&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5582847856808&frm=20&pv=1&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ut-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 23:32:44 GMT
expires
Mon, 22 Jan 2024 23:32:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 9969 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jan 2024 23:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 22:28:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jan 2024 23:32:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9969 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:04:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
26878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 16:04:47 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/1136653134665709963/ Frame 9969 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1136653134665709963/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4084c7bdbb18b60d82f8f76fa1d9c08e70e2ef41fddf70144c5af2a9d269c761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Mon, 22 Jan 2024 23:32:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28442
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 21:19:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 21 Jan 2025 23:32:45 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1546026920936515054/ Frame 9969 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1546026920936515054/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
118ec446ebd809f8497998e2f368c1f6c1709022459dd806c45e088ba682d111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 14:59:15 GMT
date
Mon, 22 Jan 2024 14:59:15 GMT
x-content-type-options
nosniff
age
30810
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4009
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 12:57:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 9969 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
25751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 16:23:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9969 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 15:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 15:44:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9969 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
26422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 16:12:23 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9969 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 23:32:45 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 9969 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Apr 2024 20:13:51 GMT
truncated
/ Frame 9969 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca65e4f6573aca7afaff7276f296f9231613d2d27f001acf211024fa6276829f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9969 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:23:54 GMT
x-content-type-options
nosniff
age
356931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:23:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9969 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:16:29 GMT
x-content-type-options
nosniff
age
357376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:16:29 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 9969
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYi45HPuuZeiVIt_KxtYP3rC7sASDxrq9dcbE_ZShDYnJpJLHIhABIMXytyJgyYaAgNyjxBCgAczpof4DyAEJqAMByAPLBKoE8QFP0O1lz9l8vTkcR0LwycsyrdocKqHP9smK0RX6509WqxA...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf3df558c8a5aee5d0000000000000000%22,%222%22:%220xf34fe06914229fa20000000000000000%22,%223%22:%220x4e1db0...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf3df558c8a5aee5d0000000000000000%22,%222%22:%220xf34fe06914229fa20000000000000000%22,%223%22:%220x4e1db0f5b61df3f10000000000000000%22,%224%22:%220xb8567257837df30e0000000000000000%22,%225%22:%220xe4323ae4997e1cd20000000000000000%22},%22debug_key%22:%2218291390887997929783%22,%22debug_reporting%22:true,%22destination%22:%22https://larsonelectronics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070101708%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229175057815418066561%22}&andc=true
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:46 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xf3df558c8a5aee5d0000000000000000","2":"0xf34fe06914229fa20000000000000000","3":"0x4e1db0f5b61df3f10000000000000000","4":"0xb8567257837df30e0000000000000000","5":"0xe4323ae4997e1cd20000000000000000"},"debug_key":"18291390887997929783","debug_reporting":true,"destination":"https://larsonelectronics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070101708"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"9175057815418066561"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 Jan 2024 23:32:46 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 Jan 2024 23:32:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf3df558c8a5aee5d0000000000000000","2":"0xf34fe06914229fa20000000000000000","3":"0x4e1db0f5b61df3f10000000000000000","4":"0xb8567257837df30e0000000000000000","5":"0xe4323ae4997e1cd20000000000000000"},"debug_key":"18291390887997929783","debug_reporting":true,"destination":"https://larsonelectronics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070101708"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"9175057815418066561"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5cf91d428a19ac57c636a09c2e1fa846bb18c4f1aebd9ff93e99f900805d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12231
x-xss-protection
0
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame EEF2 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2024183198761015&output=html&h=90&slotname=6886872685&adk=1927574233&adf=3025194257&pi=t.ma~as.6886872685&w=728&lmt=1705966364&format=728x90&url=https%3A%2F%2Fut-files.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705966364221&bpp=4&bdt=330&idt=251&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5582847856808&frm=20&pv=2&ga_vid=1865888960.1705966364&ga_sid=1705966364&ga_hid=1134414590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C31079265%2C31079437%2C31080329%2C31080334%2C31080442%2C31080589%2C95321963%2C95320893%2C95321627%2C95322164&oid=2&pvsid=1305959627855946&tmod=756017820&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:27:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
356728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:27:17 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf3df558c8a5aee5d0000000000000000%22,%222%22:%220xf34fe06914229fa20000000000000000%22,%223%22:%220x4e1db0f5b61df3f10000000000000000%22,%224%22:%220xb8567257837df30e0000000000000000%22,%225%22:%220xe4323ae4997e1cd20000000000000000%22},%22debug_key%22:%2218291390887997929783%22,%22debug_reporting%22:true,%22destination%22:%22https://larsonelectronics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070101708%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229175057815418066561%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 Jan 2024 23:32:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 23:32:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 348E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ut-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
11302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 20:24:24 GMT
expires
Tue, 21 Jan 2025 20:24:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B489 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
42204e896d3a872f86b8b557065d985f99754cf30d14e7f354a5fcd97228402e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GWxEcvvw01KKTxW59qy8HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ut-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GWxEcvvw01KKTxW59qy8HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 23:32:46 GMT
expires
Mon, 22 Jan 2024 23:32:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 348E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 21:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
7994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 21:19:32 GMT
generate_204
tpc.googlesyndication.com/ Frame 348E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eorNAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:32:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B489 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=1305959627855946&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=1305959627855946&bg=!srGlsf7NAAa8BdJLnAU7ADQBe5WfOI4q88MTUVdFi45IhSuaI9jF_KvqRkmqaR2PlvahQsj0c8Ria5o5BQlXGa5Veqi2AgAAAElSAAAAAmgBB5kCuwPSRMjFZeqeSrQ8cM0OxxxjhXsqNJlptwitFj0nUyvVDwylxoMRqmt1VhEBVPsFcDRPO-pspQznsP5QVmcyI4OKY0cv6VkIOqAtIg73liRnYBCNaPvpADDBbMxh4vvSL7J72VZdkb-2iplqeeJixNlMBe2Hg6mn1SQU-JzON3YYVv_4T2DJUlLxmsgogjbQZdIFk4bIuWip_srL7erZe2QkeCarmH27VeEMSLJMySQ41S6Qqjt1NGjjO5RWeSHB4FBn1xVaLSXrfx7YKHJpVFHs4ChmhEhOG7rBBAYWHo4chCbWVAEOdIq4uUhzzS1TxSTZuACTXqfdeHu87M3vBTsyfNT3LUPGX6zjWBfg7Tk7CWTCdOr6wKJ90oAjDPIp18MtT4Prtg6c2UtlPw9daiZIEmQx9J8_4lEwM-s2ijfTMLFIox4TiO3q5eThCmt9caaAx_Byoui0H2iTnnQQG2396IRUjbYJz0Alec70nzjOR96DS54SQhZqrqZaMGuOX5qf0GKrwW-wTZ982iVeUmIDqI5f591axJ0tVWPDChNy8LZad4V9EVrCf0u3cN1q4hYBmR22H4esiaEkwB3BlW08hDjblOoW4jW4cAMh1veVi-yF1Naq-FNwWC6CysISiCDnVQT0d8ScmisR129QfNkMzP3c9e3QXu5NfKTlerfGz6tkvPK0R4rYTfyTykzbxBzga4NDV98MX4QtopgWGqWUiGrE5Kvt_wgr9tSUoIZ5bhk3z22jcahhxxLyXzPEm_GWYmHWGjE78y7pidwjOYlWDocy6dBMMCV4gLJC7qPeOtRFVaQkoUm7RISZGGoA_YfCJiyoEOBdXGD5h-9cytxseK0Wb6x3VnxyRu_jepFyVkKiYblkVFpCn6DsdK_ROlFHfThPr1KL9-UB-DrcM6lYGolGbdmDfcDrAw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ut-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
ut-files.com/ Name: AutoIndex2
Value: 9f9e5dd4bfae0fc15b792d5938bfd704
.ut-files.com/ Name: __gads
Value: ID=48e78cd5a1dfa3c6:T=1705966364:RT=1705966364:S=ALNI_MadCGUVoXWtRrO-JF06-7cV41CPdA
.ut-files.com/ Name: __gpi
Value: UID=00000db948bbc524:T=1705966364:RT=1705966364:S=ALNI_MYcsDYp-jepEOQ1rYFzvPN3KUSDlw
.doubleclick.net/ Name: IDE
Value: AHWqTUkTvlGTEYmsRqYIx3Xtm46ChFYVLuhRGbpwV5GpEGkWL1S0QXNC5QWT5-hI3zw
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
ut-files.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
104.152.186.134
142.251.16.157
192.229.210.155
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::93
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c19::5f
118ec446ebd809f8497998e2f368c1f6c1709022459dd806c45e088ba682d111
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2d8ec02b081acb933f869c2a72e722b1c01080007a097ebae963c5c285f097f4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
4084c7bdbb18b60d82f8f76fa1d9c08e70e2ef41fddf70144c5af2a9d269c761
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42204e896d3a872f86b8b557065d985f99754cf30d14e7f354a5fcd97228402e
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
452c17ad60e1d283d39430d636f04ed2846fd9a2f13a11985cf4ac3a6c180e07
4d5cf91d428a19ac57c636a09c2e1fa846bb18c4f1aebd9ff93e99f900805d38
51b683ae01d97e6ac9894e2f2550fe11153f7593fcbd30052696ca8a3527395f
532dd49fb9c2eeb53cb66e54d27b790fb615170e5355a3780a72d5eb24f2fbe6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
767d4c5c1ad1a21e4e3ee176bf7da623249d92e8f0d2d9f53acef80b12258535
b259ffd900fb567c80ccd5a0762a7dc4f6a09311e96e24bbde5d0118bfe1f6de
ca0bdfb6519d9fbf610d062c04dd02daeca87eeefa54a5f7a9a65aec021baf5d
ca65e4f6573aca7afaff7276f296f9231613d2d27f001acf211024fa6276829f
d5065656d822730532698678d5f2aa94bfd9156a9b91ac2790105f651e9c536a
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f79a6d49fff3383d5cea68623ac3765a813c0f0baf56c4df1f816b3ceea7deb2
fc1c6a65b7de78402b749cc9b50e7dc7de83c3bb4ed9b1e4fc87b6036559ba58
fce3146db7f31aa695f43e35fc5a258e88500a9df63f71c46c91f04e08f42812