dl-file.com Open in urlscan Pro
144.217.183.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Submission: On September 25 via manual (September 25th 2023, 2:35:32 pm UTC) from TW — Scanned from CA

Summary HTTP 102 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 40 domains to perform 102 HTTP transactions. The main IP is 144.217.183.17, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is dl-file.com.
TLS certificate: Issued by R3 on September 21st 2023. Valid for: 3 months.

This is the only time dl-file.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	144.217.183.17 144.217.183.17	16276 (OVH) (OVH)
7	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1	142.250.31.97 142.250.31.97	15169 (GOOGLE) (GOOGLE)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.163.104 142.251.163.104	15169 (GOOGLE) (GOOGLE)
1	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
3 7	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
1	104.20.8.31 104.20.8.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
1	149.56.240.130 149.56.240.130	16276 (OVH) (OVH)
1	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
3	141.101.120.10 141.101.120.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.162.163.118 3.162.163.118	16509 (AMAZON-02) (AMAZON-02)
3	52.14.172.225 52.14.172.225	16509 (AMAZON-02) (AMAZON-02)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.13.60 104.26.13.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	44.196.115.10 44.196.115.10	14618 (AMAZON-AES) (AMAZON-AES)
4 4	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
4 4	52.26.6.186 52.26.6.186	16509 (AMAZON-02) (AMAZON-02)
3 7	184.28.136.218 184.28.136.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.22.38 13.226.22.38	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
4	23.34.240.168 23.34.240.168	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
3 3	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	34.195.127.221 34.195.127.221	14618 (AMAZON-AES) (AMAZON-AES)
4 5	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
10 10	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.231.224.57 34.231.224.57	14618 (AMAZON-AES) (AMAZON-AES)
1	3.221.126.30 3.221.126.30	14618 (AMAZON-AES) (AMAZON-AES)
2 4	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 9	52.55.144.0 52.55.144.0	14618 (AMAZON-AES) (AMAZON-AES)
1	3.162.174.91 3.162.174.91	16509 (AMAZON-02) (AMAZON-02)
1	18.160.46.56 18.160.46.56	16509 (AMAZON-02) (AMAZON-02)
1 3	23.92.190.69 23.92.190.69	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4	18.119.153.8 18.119.153.8	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.79.38.113 23.79.38.113	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.160.213.86 18.160.213.86	16509 (AMAZON-02) (AMAZON-02)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
3	142.251.16.132 142.251.16.132	15169 (GOOGLE) (GOOGLE)
4 4	3.229.72.50 3.229.72.50	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.172.122.72 18.172.122.72	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.92.190.68 23.92.190.68	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	34.231.79.111 34.231.79.111	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.200.65.202 34.200.65.202	() ()
2 2	151.101.194.49 151.101.194.49	() ()
102	41

25 144.217.183.17 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns555652.ip-144-217-183.net

dl-file.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.104 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.63.154 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.178 (Los Gatos, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.8.31 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.130 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534298.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.101.120.10 (None, )

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.163.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-163-118.ord56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.14.172.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-172-225.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.60 (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.196.115.10 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-115-10.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.222.80.231 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.26.6.186 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-6-186.us-west-2.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.28.136.218 (United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-136-218.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.22.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-22-38.ord51.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.34.240.168 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-240-168.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.24 (Chicago, United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.195.127.221 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-127-221.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.166 (United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.223.40.198 (Seattle, United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.224.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-224-57.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.126.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-126-30.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.60.146 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.55.144.0 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.174.91 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-174-91.ord56.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-56.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.92.190.69 (San Francisco, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.119.153.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-153-8.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.38.113 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-38-113.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.213.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-213-86.ord58.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.229.72.50 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-72-50.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.172.122.72 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-172-122-72.ord56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.66.159 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.92.190.68 (San Francisco, United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.79.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-79-111.compute-1.amazonaws.com

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (None, ) 2 redirects

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	dl-file.com dl-file.com	2 MB
11	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 18731 t.sharethis.com — Cisco Umbrella Rank: 7627 sync.sharethis.com — Cisco Umbrella Rank: 4107	17 KB
10	adsrvr.org 10 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	4 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	265 KB
9	eyeota.net 3 redirects ps.eyeota.net — Cisco Umbrella Rank: 1620	5 KB
7	bluekai.com 3 redirects stags.bluekai.com — Cisco Umbrella Rank: 984 tags.bluekai.com — Cisco Umbrella Rank: 1088	3 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	6 KB
6	crwdcntrl.net 3 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398 sync.crwdcntrl.net — Cisco Umbrella Rank: 1377 tags.crwdcntrl.net — Cisco Umbrella Rank: 1393	14 KB
5	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 1067 i6.liadm.com — Cisco Umbrella Rank: 4419	3 KB
5	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 1012 ce.lijit.com — Cisco Umbrella Rank: 1486	6 KB
5	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 806 ib.adnxs.com — Cisco Umbrella Rank: 360	4 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5281 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6729 data-beacons.s-onetag.com — Cisco Umbrella Rank: 9794	15 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 719	881 B
4	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 21601 cdn-tc.33across.com — Cisco Umbrella Rank: 36810 dp1.33across.com — Cisco Umbrella Rank: 11783	2 KB
4	exelator.com 4 redirects loada.exelator.com — Cisco Umbrella Rank: 35065 loadus.exelator.com — Cisco Umbrella Rank: 2277	3 KB
4	onaudience.com 4 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3680	2 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 802	1 KB
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 13374	2 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 17102 ic.tynt.com — Cisco Umbrella Rank: 7821 de.tynt.com — Cisco Umbrella Rank: 2520	8 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 10305 t.dtscout.com — Cisco Umbrella Rank: 8729	4 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	642 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com ups.analytics.yahoo.com	763 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830	1 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 2356	1 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 640	6 KB
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 3065	547 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 2755 beacon.krxd.net — Cisco Umbrella Rank: 1035	499 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 8396 s4.histats.com — Cisco Umbrella Rank: 8413	5 KB
2	google.com www.google.com — Cisco Umbrella Rank: 11	2 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	603 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1417	1 KB
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1972
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 7693	16 KB
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 9403	588 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	602 B
1	gstatic.com www.gstatic.com	182 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	242 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	42 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	91 KB
102	40

	Domain	Requested by
25	dl-file.com	dl-file.com
10	match.adsrvr.org	10 redirects
9	ps.eyeota.net	3 redirects dl-file.com data-beacons.s-onetag.com
7	pagead2.googlesyndication.com	dl-file.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	tags.bluekai.com	2 redirects de.tynt.com tags.bkrtx.com
4	i.liadm.com	4 redirects
4	sync.sharethis.com	dl-file.com
4	idsync.rlcdn.com	2 redirects dl-file.com
4	secure.adnxs.com	3 redirects dl-file.com
4	t.sharethis.com	pd.sharethis.com t.sharethis.com
4	pixel.onaudience.com	4 redirects
4	bcp.crwdcntrl.net	2 redirects dl-file.com tags.crwdcntrl.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	ap.lijit.com	1 redirects dl-file.com data-beacons.s-onetag.com
3	pixel.tapad.com	3 redirects
3	map.go.affec.tv	2 redirects dl-file.com
3	pd.sharethis.com	e.dtscout.com dl-file.com t.sharethis.com
3	get.s-onetag.com	e.dtscout.com get.s-onetag.com
2	sync-tm.everesttech.net	2 redirects
2	ce.lijit.com
2	px.ads.linkedin.com	1 redirects
2	live.rezync.com	2 redirects
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	ml314.com	1 redirects dl-file.com
2	loadus.exelator.com	2 redirects
2	dp2.33across.com	2 redirects
2	stags.bluekai.com	1 redirects dl-file.com
2	loada.exelator.com	2 redirects
2	t.dtscout.com	e.dtscout.com
2	www.google.com	dl-file.com tpc.googlesyndication.com
1	ib.adnxs.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	i6.liadm.com
1	um.simpli.fi	1 redirects
1	p.rfihub.com	1 redirects
1	api.intentiq.com	data-beacons.s-onetag.com
1	tags.bkrtx.com	pd.sharethis.com
1	tags.crwdcntrl.net	cdn-tc.33across.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	dp1.33across.com	1 redirects
1	beacon.krxd.net	dl-file.com
1	usermatch.krxd.net	1 redirects
1	cdn-tc.33across.com	de.tynt.com
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	dl-file.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	sync.crwdcntrl.net	1 redirects
1	t.dtscdn.com	e.dtscout.com
1	cdn.tynt.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	www.gstatic.com	www.google.com
1	s10.histats.com	dl-file.com
1	www.google-analytics.com	www.googletagmanager.com
1	static.criteo.net	dl-file.com
1	maxcdn.bootstrapcdn.com	dl-file.com
1	www.googletagmanager.com	dl-file.com
102	61

This site contains links to these domains. Also see Links.

Domain
forms.gle
www.fs22modhub.com
www.modsfallout4.com
www.modsats.com
www.cyberpunk2077mod.com
www.mygametrainers.com
www.sims4modhub.com
www.gta5modhub.com
www.allflightmods.com
www.minecraftpemod.com
www.ets2modding.com
www.atsmodding.com
www.fs19mods.com
www.farming2015mods.com
www.mudrunnermods.com
www.savegameworld.com
www.rdr2mod.com
www.snowrunnermods.com
www.gta6world.com

Subject Issuer	Validity	Valid
dl-file.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2023-09-17` - `2023-12-16`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-17`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Frame ID: 60029DB12CEA300CE67F9432A9F29D77
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html
Frame ID: D30932120B29F45C8688952543737FF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2515630227857275&output=html&adk=1812271804&adf=3025194257&lmt=1695677726&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_r&format=0x0&url=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652526249&bpp=208&bdt=230&idt=572&shv=r20230921&mjsv=m202309180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=517259511761&frm=20&pv=2&ga_vid=424573188.1695652526&ga_sid=1695652527&ga_hid=55585999&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078144%2C44795922%2C31078048&oid=2&pvsid=1032056716125227&tmod=1580922375&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=624
Frame ID: 741590063368A23E97B82F4604F9CF48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2515630227857275&output=html&h=280&slotname=7327349012&adk=235686663&adf=2617691932&pi=t.ma~as.7327349012&w=970&fwrn=4&fwrnh=100&lmt=1695677726&rafmt=1&format=970x280&url=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652526464&bpp=51&bdt=446&idt=439&shv=r20230921&mjsv=m202309180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=517259511761&frm=20&pv=1&ga_vid=424573188.1695652526&ga_sid=1695652527&ga_hid=55585999&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078144%2C44795922%2C31078048&oid=2&pvsid=1032056716125227&tmod=1580922375&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NKHnIHlRKu&p=https%3A//dl-file.com&dtd=448
Frame ID: 6F0660E3A797C3AA4728A54D5B003406
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2515630227857275&output=html&h=280&slotname=7327349012&adk=235686663&adf=3717070680&pi=t.ma~as.7327349012&w=970&fwrn=4&fwrnh=100&lmt=1695677726&rafmt=1&format=970x280&url=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652526529&bpp=12&bdt=510&idt=392&shv=r20230921&mjsv=m202309180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=517259511761&frm=20&pv=1&ga_vid=424573188.1695652526&ga_sid=1695652527&ga_hid=55585999&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078144%2C44795922%2C31078048&oid=2&pvsid=1032056716125227&tmod=1580922375&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3BKgwDFUK9&p=https%3A//dl-file.com&dtd=404
Frame ID: 406E97DA26C02B658A790A5843F32D4B
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301695652527AD153D25EFC0054B8E
Frame ID: 096F33DB958B35D7FCA98CD5EE98796D
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212284895157911&ret=html&random=1695652527
Frame ID: 4FE7A7A535EF346652ED7C0469BCA513
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 3263959BF8AF189914581A5884037F8F
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1243.23362&cid=c010&cls=C
Frame ID: 423BE21FEE11F8761CA775F887F4A9BF
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1243.23362/a/CA/t_.js?cid=c010&cls=C
Frame ID: D8C1D151E6DF515203ACC2DB432CDE35
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: BF6AEFC3A4F7D3F06C2127BEFA062450
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=5bdedf28-c702-4305-b432-6b58fa366854&gdpr=0&gdpr_consent=
Frame ID: 45A353E67D86A28CF7CA614321859B02
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=83748
Frame ID: 1A4226AC39D43D6CE31AC15E8F617C61
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dl-file.com
Frame ID: B539B99BC532B5B9F4234A38059CA769
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0F51508D31A9CF073E2C7E58E1D3471
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 09A262C490931C07CA05ABD10ABB8798
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 901D72AE5D427752BFB33CFC1CBFB528
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download a320 livery KAL hvI9K zip

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

102
Requests

77 %
HTTPS

0 %
IPv6

40
Domains

61
Subdomains

41
IPs

4
Countries

2478 kB
Transfer

3628 kB
Size

76
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://forms.gle/s4YQPw3KxnQsRqWU6
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.fs22modhub.com/
Title: FS22 Mods

Search URL Search Domain Scan URL

URL: http://www.modsfallout4.com/
Title: Fallout 4 Mods

Search URL Search Domain Scan URL

URL: http://www.modsats.com/
Title: ATS Mods

Search URL Search Domain Scan URL

URL: https://www.cyberpunk2077mod.com/
Title: Cyberpunk 2077 Mods

Search URL Search Domain Scan URL

URL: https://www.mygametrainers.com/
Title: Game Trainers

Search URL Search Domain Scan URL

URL: https://www.sims4modhub.com/
Title: Sims 4 Mods

Search URL Search Domain Scan URL

URL: http://www.gta5modhub.com/
Title: GTA 5 Mods

Search URL Search Domain Scan URL

URL: http://www.allflightmods.com/category/microsoft-flight-simulator-2020/
Title: MSFS 2020 Addons

Search URL Search Domain Scan URL

URL: https://www.minecraftpemod.com/category/mcpe-apk/
Title: Minecraft PE apk

Search URL Search Domain Scan URL

URL: http://www.ets2modding.com/
Title: ETS2 Mods

Search URL Search Domain Scan URL

URL: http://www.atsmodding.com/
Title: ATS Mods

Search URL Search Domain Scan URL

URL: http://www.fs19mods.com/
Title: FS19 Mods

Search URL Search Domain Scan URL

URL: http://www.farming2015mods.com/category/farming-simulator-19-mods/
Title: FS19 Mods

Search URL Search Domain Scan URL

URL: http://www.mudrunnermods.com/
Title: MudRunner Mods

Search URL Search Domain Scan URL

URL: http://www.savegameworld.com/
Title: Game Save

Search URL Search Domain Scan URL

URL: http://www.rdr2mod.com/
Title: RDR2 Mods

Search URL Search Domain Scan URL

URL: http://www.snowrunnermods.com/
Title: SnowRunner Mods

Search URL Search Domain Scan URL

URL: http://www.gta6world.com/
Title: GTA6 Mods

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=4C301695652527AD153D25EFC0054B8E HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C301695652527AD153D25EFC0054B8E

Request Chain 48

https://pixel.onaudience.com/?partner=137085098&mapped=4C301695652527AD153D25EFC0054B8E HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=06a87434ee0b05a5efdb4bd3f77c6610&gdpr=1 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea5981ccd6afc414/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent= HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=1&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=8d7a26a30ffc1d17

Request Chain 54

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1695652527695.4 HTTP 302
https://tags.bluekai.com/site/27519?id=212284895157911&ret=html&random=1695652527

Request Chain 56

https://map.go.affec.tv/map/3a/?pid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&ts=1695652527695.1 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65119aaf99a1240001c737a8%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65119aaf99a1240001c737a8%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://map.go.affec.tv/map/an/4969578643314112863?ch=65119aaf99a1240001c737a8&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/5bdedf28-c702-4305-b432-6b58fa366854?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 57

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&random=1695652527695.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&random=1695652527695.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=da78555c-9c14-4784-a656-5cb0c0ab51f0%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=da78555c-9c14-4784-a656-5cb0c0ab51f0%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&ttd_puid=da78555c-9c14-4784-a656-5cb0c0ab51f0%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 58

https://dp2.33across.com/ps/?pid=1205&rand=1695652527695.3 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212284899945725

Request Chain 59

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&33random=1695652527695.5&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&33random=1695652527695.5&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&bid=1e2n4ou

Request Chain 60

https://dp1.33across.com/ps/?pid=669&uid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&random=1695652527695.7&pu=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212284895012100&seg_code=33x&random=1695652527 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212284895012100%26seg_code%3D33x%26random%3D1695652527

Request Chain 65

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 67

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&gdpr=0&gdpr_consent=

Request Chain 68

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=1685f01d76335e00707c59e321e0761e

Request Chain 69

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2Mw3Vh0KMNgpTgiBUO7e9XmsgY9OVfBDd4-cGbRjWq80&gdpr=0&gdpr_consent=

Request Chain 70

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGsAAmURmq8AAAAIPPU%2FAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3638773100082888710 HTTP 307
https://ml314.com/csync.ashx?fp=bba9a111af216133365526993d3dbf7bd546d8caad3c9611e5afc558709564c6f4cb09cee1a4f8eb&person_id=3638773100082888710&eid=50082

Request Chain 71

https://tags.bluekai.com/site/59574?id=ZGsAAmURmq8AAAAIPPU%2FAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 74

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGsAAmURmq8AAAAIPPU%2FAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1243.23362%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1243.23362%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=94556131 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=5bdedf28-c702-4305-b432-6b58fa366854&gdpr=0&gdpr_consent=

Request Chain 82

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HYXLbSZHWfsF_dv5T_2OAYny&rnd=43608 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HYXLbSZHWfsF_dv5T_2OAYny&rnd=43608&_li_chk=true&previous_uuid=98558c3afeae49f18a68a6921a13b57d HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=98558c3a-feae-49f1-8a68-a6921a13b57d HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=d69c4317-221d-4208-a49c-2775d710cf4f%3A1695652529.513091&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd69c4317-221d-4208-a49c-2775d710cf4f%253A1695652529.513091%26_%3D1695652529.5160954&cb=1695652529.516129 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477418822114677&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd69c4317-221d-4208-a49c-2775d710cf4f%253A1695652529.513091%26_%3D1695652529.5160954 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d69c4317-221d-4208-a49c-2775d710cf4f%3A1695652529.513091&_=1695652529.5160954 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB00I51zppM81EY4gnYbaH0&google_cver=1

Request Chain 86

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HYXLbSZHWfsF_dv5T_2OAYny&rand=182&pu= HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HYXLbSZHWfsF_dv5T_2OAYny&rand=182&pu=&expected_cookie=32415d3b-7acc-4999-94c9-91b0d2c286ef

Request Chain 88

https://um.simpli.fi/lj_match?r=64777 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=18FBFBDF83B247A285E15F1F0A21777F

Request Chain 89

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HYXLbSZHWfsF_dv5T_2OAYny&rnd=13351 HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5bdedf28-c702-4305-b432-6b58fa366854 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5bdedf28-c702-4305-b432-6b58fa366854

Request Chain 93

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HYXLbSZHWfsF_dv5T_2OAYny/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=56c41f5fb1157be5170fdc38b144af8f

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnQ3ZUl2Rmtyb2lpMXZVaExFblpSZko5ZEZxUG5lRW9ZT1pyTUlLclBtNXM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMYxXcFXscuf23fvOyWrsEM&google_cver=1

Request Chain 96

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Mnxg221E2pXEEcwu6HjnY4VkvX7FVAFpTws-~A

Request Chain 97

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZRGaswATBuqqTABY HTTP 302
https://ps.eyeota.net/match?uid=ZRGaswATBuqqTABY&bid=0rijhbu&referrer_pid=51md42u&_test=ZRGaswATBuqqTABY

Request Chain 98

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=3644295593021688621&bid=2cr76e1&referrer_pid=51md42u

Request Chain 99

https://tags.bluekai.com/site/29535?limit=1&id=2CbQ9jHandd3BPnTRrP89zPrQbaB6ZTn3tuSYjWtgLBc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TmkrcHZvZ2E5OTlQQUhhaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOh4F6Nk5T6qEqWjnZXM-sI&google_cver=1

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request a320-livery-KAL_hvI9K.zip.html Show response
dl-file.com/ulugzj8048bi/ 17 KB
17 KB 415ms
328ms Document
text/html 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555652.ip-144-217-183.net
Software: Apache /
Resource Hash: be326949abc9e1734176bd141d4aaf94b65365a6946bea5972137fbec42ed021

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html ; charset=UTF-8
Date: Mon, 25 Sep 2023 14:35:25 GMT
Expires: Sun, 24 Sep 2023 14:35:25 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 148ms
59ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2515630227857275

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

99aee4d2e442888ad0f1b13eb2ec3c226a35ed0343e700b2fa922d513eb46d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl-file.com/
Origin: https://dl-file.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50560
x-xss-protection: 0
server: cafe
etag: 625444196599194321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:35:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
91 KB 147ms
58ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2EDRBREJ1G

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

146d2dc96679cdc0df28f85af6ce57482c623ecda3d6da12f28454c7f3923af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Sep 2023 14:35:26 GMT

GET
H/1.1 200
OK NewTheme.css
dl-file.com/css/ 74 KB
75 KB 29ms
25ms Stylesheet
text/css 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/css/NewTheme.css

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

4acf4136b03b7954122a580eae0f47a316d9c7100dfbd764ef23b4bcdbfce6f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 26 Oct 2021 12:13:20 GMT
Server: Apache
ETag: "128cd-5cf406744f388"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 75981

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 68ms
26ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 8212045
cdn-cachedat: 01/20/2023 17:10:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04425bbdc6243fc6e54bf8984fe50330"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9d8150582c42b4f79f0c685064478f17
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 80c3fe5ffc8b36c3-YYZ
cdn-requestpullsuccess: True

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 129ms
51ms Script
text/javascript 142.251.163.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f104.1e100.net

Software

GSE /

Resource Hash

8d472a50dfcb89a4a563cc9a1d9a5660f64f80bf9e79a4d66de415c039679d21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Sep 2023 14:35:26 GMT

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
dl-file.com/js/ 90 KB
91 KB 77ms
27ms Script
application/javascript 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/js/jquery-1.9.1.min.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 01 Jun 2015 06:04:12 GMT
Server: Apache
ETag: "169d5-5176e98442f00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 92629

GET
H/1.1 200
OK jquery.paging.js Show response
dl-file.com/js/ 19 KB
19 KB 79ms
28ms Script
application/javascript 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/js/jquery.paging.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 01 Jun 2015 06:04:12 GMT
Server: Apache
ETag: "4ba5-5176e98442f00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19365

GET
H/1.1 200
OK jquery.ui.js Show response
dl-file.com/js/ 398 B
923 B 381ms
330ms Script
text/javascript 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/js/jquery.ui.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache / PHP/5.4.16

Resource Hash

a6c748745997e83f17b90756869af2a20cf156acf538f1681a8f93a26edaa94c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Server: Apache
X-Powered-By: PHP/5.4.16
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 398

GET
H/1.1 200
OK jquery.cookie.js Show response
dl-file.com/js/ 3 KB
3 KB 79ms
28ms Script
application/javascript 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/js/jquery.cookie.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 01 Jun 2015 06:04:12 GMT
Server: Apache
ETag: "c31-5176e98442f00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3121

GET
H/1.1 200
OK paging.js Show response
dl-file.com/js/ 2 KB
2 KB 81ms
29ms Script
application/javascript 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/js/paging.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 01 Jun 2015 06:04:12 GMT
Server: Apache
ETag: "6ad-5176e98442f00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1709

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
42 KB 177ms
73ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-1ffad"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 14:35:26 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 251ms
154ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

0dc85e8d96476fa7448692437236b7eb858d849cbf7bc33e7e57160ba568b53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50591
x-xss-protection: 0
server: cafe
etag: 17316820321565112668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:35:26 GMT

GET
H/1.1 200
OK ico_noads.png
dl-file.com/images-NewTheme/ 3 KB
3 KB 29ms
28ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/ico_noads.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

f6bf6d1af4e1926e10a1f8b61a1d0a658a48e7ffe323b13ef50d57438e6f24b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 14 Nov 2017 09:45:41 GMT
Server: Apache
ETag: "aa2-55dee400ee2bd"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2722

GET
H/1.1 200
OK ico_compressed.png
dl-file.com/images-NewTheme/ 2 KB
3 KB 29ms
28ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/ico_compressed.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

e22a0f3f0c63f4f9e2be0b362a40706b6504d08e370a2769b8293ddbb203b3dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 14 Nov 2017 09:50:34 GMT
Server: Apache
ETag: "890-55dee51826a47"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2192

GET
H/1.1 200
OK about_hd.png
dl-file.com/images-NewTheme/ 7 KB
8 KB 28ms
27ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/about_hd.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

12d9d71d8c07e3b32e6922a03a1d0c0183f6dee780a3229305f3b0f3c4aea4b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 09:31:03 GMT
Server: Apache
ETag: "1d1d-55d4d1cfdb3b0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7453

GET
H/1.1 200
OK ico_fb.png
dl-file.com/images-NewTheme/ 1 KB
2 KB 28ms
27ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/ico_fb.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

e26142148dc2365533532cc901d730ee02f79bfffb9da86b20873911281c180f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 08:24:21 GMT
Server: Apache
ETag: "475-55d4c2e693909"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1141

GET
H/1.1 200
OK ico_tr.png
dl-file.com/images-NewTheme/ 1 KB
2 KB 28ms
26ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/ico_tr.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

94024b15f0a587f637a2303205ae361518e1965d6beb190c005e04307783bf19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 08:24:20 GMT
Server: Apache
ETag: "58c-55d4c2e5ae129"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1420

GET
H/1.1 200
OK ico_yt.png
dl-file.com/images-NewTheme/ 1 KB
2 KB 28ms
26ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/ico_yt.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

163aab8fdd4b7cfa854101763984a802120bf13a82d6f841c33ee9cd201f28c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 08:24:21 GMT
Server: Apache
ETag: "4fc-55d4c2e6919c9"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1276

GET
H/1.1 200
OK ico_in.png
dl-file.com/images-NewTheme/ 1 KB
2 KB 29ms
28ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/ico_in.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

d97f3efe68f835117863e4d76fec93f4309fd3c9070b3eee59400d7f145517d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 08:24:19 GMT
Server: Apache
ETag: "4e5-55d4c2e4a85a9"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1253

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/ 378 KB
128 KB 175ms
87ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_fy2021.js?bust=31078048

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2515630227857275

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

6f09cbf786cfb81a414decdb994e380f80a1c083680941dd1e4fd1d2677d3943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131047
x-xss-protection: 0
server: cafe
etag: 929532944868849489
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:35:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/ Frame D309 10 KB
5 KB 117ms
36ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2515630227857275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 13:51:01 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 13:51:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
242 B 110ms
46ms Ping
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2EDRBREJ1G&gtm=45je39k2&_p=55585999&cid=424573188.1695652526&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695652526&sct=1&seg=0&dl=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&dt=Download%20a320%20livery%20KAL%20hvI9K%20zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EDRBREJ1G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.178 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dl-file.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 87ms
24ms Script
text/javascript 104.20.8.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: dl-file.com
URL: https://dl-file.com/js/jquery.ui.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.8.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 968
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 80c3fe62be11a241-YYZ
content-length: 4547

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ 453 KB
182 KB 155ms
38ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl-file.com/
Origin: https://dl-file.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185934
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 14:16:19 GMT

GET
H/1.1 200
OK logo_w.png
dl-file.com/images-NewTheme/ 1 KB
2 KB 34ms
33ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/logo_w.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

38eba31327475bf6d3b177561a8a2a5cadfa16ed7efab885684acafdb0bd0bfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/css/NewTheme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 06:50:18 GMT
Server: Apache
ETag: "57f-55d4ade1945ca"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1407

GET
H/1.1 200
OK logo.png
dl-file.com/images-NewTheme/ 1 MB
1 MB 32ms
31ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/logo.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

e76f2c32ecd923b05ca6b92d18ebdd280a0d761c2dd5a386d327ba747c5b4ba1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/css/NewTheme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 05 Nov 2018 11:14:44 GMT
Server: Apache
ETag: "10b55b-579e8fe015452"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1095003

GET
H/1.1 200
OK ico_globe.png
dl-file.com/images-NewTheme/ 773 B
1 KB 26ms
26ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/ico_globe.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

798adb8860b3dc412e2d789d153f1824e085eef370e05b7531e192a433c06cd4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/css/NewTheme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 02:19:51 GMT
Server: Apache
ETag: "305-55d4716dbccc6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 773

GET
H/1.1 200
OK flags.png
dl-file.com/images/ 15 KB
15 KB 34ms
31ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images/flags.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/css/NewTheme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 01 Jun 2015 06:04:10 GMT
Server: Apache
ETag: "3b4c-5176e9825aa80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 15180

GET
H/1.1 200
OK btn_signup.png
dl-file.com/images-NewTheme/ 2 KB
2 KB 36ms
34ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/btn_signup.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

9be599d6cefdb3787be094191b685a027f52e6bf4ef49d04a50310e7b023c0a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/css/NewTheme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 04:28:57 GMT
Server: Apache
ETag: "788-55d48e496518c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1928

GET
H/1.1 200
OK btn_login.png
dl-file.com/images-NewTheme/ 2 KB
2 KB 34ms
33ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/btn_login.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

3b92fd57682bb7613f88077272e0020c5f2cdf808b7e6f39e6d5ef765a1d5717

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/css/NewTheme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 04:28:58 GMT
Server: Apache
ETag: "826-55d48e4a9c9ec"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2086

GET
H/1.1 200
OK Candara.woff
dl-file.com/css/fonts/ 93 KB
93 KB 37ms
31ms Font
application/font-woff 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/css/fonts/Candara.woff

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

a4fd29aeff5c2151c3e4a2d0edc28885ffd0675a6d3a59e3ca229944e3490c0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dl-file.com/css/NewTheme.css
Origin: https://dl-file.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 05 Nov 2017 18:01:42 GMT
Server: Apache
ETag: "172c8-55d402162d6b5"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 94920

GET
H/1.1 200
OK Candarab.woff
dl-file.com/css/fonts/ 94 KB
95 KB 35ms
29ms Font
application/font-woff 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/css/fonts/Candarab.woff

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

79ea0fcaad1578acda495df0617d5b4f46de11c0b2dab44f6d20609935385e6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dl-file.com/css/NewTheme.css
Origin: https://dl-file.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 05 Nov 2017 18:01:45 GMT
Server: Apache
ETag: "178c4-55d402190cc55"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 96452

GET
H/1.1 200
OK OpenSans-Regular.woff
dl-file.com/css/fonts/ 66 KB
66 KB 92ms
30ms Font
application/font-woff 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/css/fonts/OpenSans-Regular.woff

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

d12fd1d8afb1c2d8cb9d59868336a6c9e357af548f36aa41bcdb12fa19158365

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dl-file.com/css/NewTheme.css
Origin: https://dl-file.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 09 Nov 2017 15:09:20 GMT
Server: Apache
ETag: "107c8-55d8e304af94f"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67528

GET
H/1.1 200
OK about_bk.png
dl-file.com/images-NewTheme/ 176 KB
176 KB 40ms
39ms Image
image/png 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl-file.com/images-NewTheme/about_bk.png

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

9d78c0148361a3fcb690e899c0dd3885c79797359301f6829e98ae476b800460

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/css/NewTheme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 09:23:46 GMT
Server: Apache
ETag: "2c052-55d4d02eb1481"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 180306

GET
H/1.1 200
OK ERASDEMI.woff
dl-file.com/css/fonts/ 31 KB
32 KB 40ms
40ms Font
application/font-woff 144.217.183.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dl-file.com/css/fonts/ERASDEMI.woff

Requested by

Host: dl-file.com
URL: https://dl-file.com/css/NewTheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

144.217.183.17 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns555652.ip-144-217-183.net

Software

Apache /

Resource Hash

7b748cce237953136fb0e45af806e1d89388aee1c24d9f1ef89a732399a6c2e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dl-file.com/css/NewTheme.css
Origin: https://dl-file.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:26 GMT
Content-Security-Policy: frame-ancestors 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 06 Nov 2017 09:54:30 GMT
Server: Apache
ETag: "7d8c-55d4d70d5ff40"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 32140

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 379 B
514 B 435ms
30ms Script
text/html 149.56.240.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4533243&@f16&@g1&@h1&@i1&@j1695652526623&@k0&@l1&@mDownload%20a320%20livery%20KAL%20hvI9K%20zip&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-183404946&@b3:1695652527&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.130 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534298.ip-149-56-240.net
Software: /
Resource Hash: acb0d630aa81f623804df8e31c447a03ae395e9fa0caaa5d17d9426c6d61777d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:30 GMT
Connection: close
Content-Length: 379
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 261ms
50ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dl-file.com&callback=_gfp_s_&client=ca-pub-2515630227857275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_fy2021.js?bust=31078048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

bbc3841dc445ea9ccd02261e20bea29d12b241142128e158bc2b5eade5d3eaa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7415 0
179 B 214ms
192ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2515630227857275&output=html&adk=1812271804&adf=3025194257&lmt=1695677726&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_r&format=0x0&url=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652526249&bpp=208&bdt=230&idt=572&shv=r20230921&mjsv=m202309180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=517259511761&frm=20&pv=2&ga_vid=424573188.1695652526&ga_sid=1695652527&ga_hid=55585999&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078144%2C44795922%2C31078048&oid=2&pvsid=1032056716125227&tmod=1580922375&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=624

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_fy2021.js?bust=31078048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:35:27 GMT
expires: Mon, 25 Sep 2023 14:35:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F06 430 B
375 B 317ms
299ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2515630227857275&output=html&h=280&slotname=7327349012&adk=235686663&adf=2617691932&pi=t.ma~as.7327349012&w=970&fwrn=4&fwrnh=100&lmt=1695677726&rafmt=1&format=970x280&url=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652526464&bpp=51&bdt=446&idt=439&shv=r20230921&mjsv=m202309180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=517259511761&frm=20&pv=1&ga_vid=424573188.1695652526&ga_sid=1695652527&ga_hid=55585999&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078144%2C44795922%2C31078048&oid=2&pvsid=1032056716125227&tmod=1580922375&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NKHnIHlRKu&p=https%3A//dl-file.com&dtd=448

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_fy2021.js?bust=31078048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

f640aa1cc8d8ded3ff14ed90e980f3cf3c7578c6ce8aa6b7b657893e9f54a118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:35:27 GMT
expires: Mon, 25 Sep 2023 14:35:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 406E 430 B
398 B 300ms
292ms Document
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2515630227857275&output=html&h=280&slotname=7327349012&adk=235686663&adf=3717070680&pi=t.ma~as.7327349012&w=970&fwrn=4&fwrnh=100&lmt=1695677726&rafmt=1&format=970x280&url=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695652526529&bpp=12&bdt=510&idt=392&shv=r20230921&mjsv=m202309180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=517259511761&frm=20&pv=1&ga_vid=424573188.1695652526&ga_sid=1695652527&ga_hid=55585999&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078144%2C44795922%2C31078048&oid=2&pvsid=1032056716125227&tmod=1580922375&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3BKgwDFUK9&p=https%3A//dl-file.com&dtd=404

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_fy2021.js?bust=31078048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

8ca90a14908b64935e793005b3406a715e34e9eb451f74b579867261808783c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:35:27 GMT
expires: Mon, 25 Sep 2023 14:35:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
3 KB 102ms
50ms Script
application/javascript 141.101.120.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4533243&@f16&@g1&@h1&@i1&@j1695652526623&@k0&@l1&@mDownload%20a320%20livery%20KAL%20hvI9K%20zip&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-183404946&@b3:1695652527&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db30111a2cf8a9fc4e869ed222e37bead5291b5572cb0ab149ed4798c3596459

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
x-t: 0.229
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brYf81lNdx0NgNTWc2intE8croKNnSouiblQwJhTwYbdCB0G3aTPesygFtOvHpBV613aIUlAKWOIXRSkN0qIykA9WRPLEnI5C7r1ERpGMIekXdD5bloL%2FWCAxRPRueE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 80c3fe66a99b36b0-YYZ
expires: Mon, 25 Sep 2023 14:35:26 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 096F 1 KB
745 B 48ms
44ms Document
text/html 141.101.120.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=4C301695652527AD153D25EFC0054B8E
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49007d3a8ce3615a7088592e53718d07a2bb6d39bff06e56f0024be966993d4

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80c3fe671a3c36b0-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 14:35:27 GMT
expires: Mon, 25 Sep 2023 14:35:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pz8ZXeX28j2Q8g2RVKz%2Fn0oMkXGe%2BBhzR13oKNs38O0ed0l7sCpABzIN7kaKTTr%2F7PqwAJkNlC2kvbCiiotirnobevVvZKUsUQOfYHaQt%2BRECRYMQey4%2Bgw7xf1Zzcs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 132ms
38ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 23:54:30 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 31ab6a69a955ba22ff90036cd9977e74.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 52858
x-amz-cf-id: K8jKtf0oW7w1n3Sgo97mv5XTHBTywOwJ1D_UWdKOUqQhMMoajz9n-g==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 216ms
56ms Script
application/javascript 52.14.172.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.172.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-172-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

603e832fc5416073e2d35c4623266a5fd57920a49478887ae4a59a18fdb85810

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 13 KB
5 KB 88ms
34ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35496fd6bbcccc685cb1d442d840b1feaa6591685c9c048fead34265e0814e2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 06 Sep 2023 16:09:06 GMT
server: cloudflare
age: 80761
etag: W/"64f8a422-3360"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 80c3fe675bc35413-YYZ
expires: Thu, 28 Sep 2023 14:35:27 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
330 B 138ms
130ms Script
application/javascript 141.101.120.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=dl-file.com&_ss=1n9qxe5o61&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=5ask&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52c89db36003d59eb4a40b5ad13802a2142b40be5795ad22ab7d25556d8741e3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
x-t: 0.123
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFShnd01BdSxe6n9dDZnVQHiNUTnJg2iZ363TBtaZutjvBSRtRud1NX%2Fkj40jjfn7dfjMj3pinFSUdLm4%2FDjB%2F%2FiilgWIGbqGZKuzfeSvSxIERl8oTnhoFXskTSK68g%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 80c3fe671a3e36b0-YYZ
expires: Mon, 25 Sep 2023 14:35:26 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
588 B 115ms
64ms Script
application/javascript 104.26.13.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=4C301695652527AD153D25EFC0054B8E&nid=300&p=836148727&t=420&s=1600x1200x24&u=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
x-t: 1.11
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnKCC6ceelQyigGeFBwwBVeFmXNyH%2FiFTOHzOj2xoxyPRfAed%2BJW8F6dfgLimpr%2FXv7z5V%2BVzQ%2Bk8Y4COrPgZuO3eqiJRczYZPgsWvvusA7ncgvxKZ7aaFVrZxNeBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 80c3fe67fac9a1f0-YYZ
expires: Mon, 25 Sep 2023 14:37:59 GMT

GET
H2

200

tpid=4C301695652527AD153D25EFC0054B8E
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=4C301695652527AD153D25EFC0054B8E
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C301695652527AD153D25EFC0054B8E

49 B
546 B

58ms
58ms

Image
image/gif

44.196.115.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C301695652527AD153D25EFC0054B8E
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: H2
Server: 44.196.115.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-115-10.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.45.251
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C301695652527AD153D25EFC0054B8E
cache-control: no-cache
x-server: 10.40.38.84
content-length: 0
expires: 0

GET
H2

200

52799
stags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=4C301695652527AD153D25EFC0054B8E
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=06a87434ee0b05a5efdb4bd3f77c6610&gdpr=1
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea5981ccd6afc414/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=1&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=8d7a26a30ffc1d17

62 B
427 B

120ms
112ms

Image
image/gif

184.28.136.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=8d7a26a30ffc1d17
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: H2
Server: 184.28.136.218 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-136-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 25 Sep 2023 14:35:28 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=8d7a26a30ffc1d17
content-length: 0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
953 B 114ms
32ms Fetch
application/json 13.226.22.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.22.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-22-38.ord51.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 01:45:41 GMT
via: 1.1 54268fe6e541dab14321b978d08b8fc4.cloudfront.net (CloudFront), 1.1 11753cb5104d87763bd0d58a93a686f6.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD51-C2
age: 46186
x-amzn-requestid: eda3856b-a91d-44a7-b61f-8d718a42990d
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Lyjq4GlZiYcFSFA=
content-length: 535
x-amz-cf-id: UHzlz--l7MjjQ8BbjWmHOJwJfblSjPdnmvaLvRGnSu8aPWGrOtRRPA==

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 124ms
38ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1695652527358&dn=AFWU&iso=0&pu=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&t=Download%20a320%20livery%20KAL%20hvI9K%20zip&chmob=0
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 161ms
42ms Script
application/javascript 23.34.240.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3025820018257055&stid=ZGsAAmURmq8AAAAIPPU%2FAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.240.168 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-240-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

7fce30ca9221e63e6e7c572a694eadf0c4787b2f35c281cf51eace3092d8a331

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1363
Expires: Mon, 25 Sep 2023 15:35:27 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 47ms
46ms Image
image/gif 52.14.172.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&event_source=dtscout&rnd=0.3025820018257055&exptid=ZGsAAmURmq8AAAAIPPU%2FAw%3D%3D&fcmp=false

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.172.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-172-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 109ms
32ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 15d166e96884a81a6c55d45716ef88176facffd6fba41a21b6e252e37d45498b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 25 Sep 2023 14:35:26 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1379
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame 4FE7
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1695652527695.4
https://tags.bluekai.com/site/27519?id=212284895157911&ret=html&random=1695652527

71 B
552 B

261ms
108ms

Document
text/html

184.28.136.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212284895157911&ret=html&random=1695652527
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.136.218 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-136-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

bk-server: f4b2
content-length: 71
content-type: text/html
date: Mon, 25 Sep 2023 14:35:28 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Mon, 25 Sep 2023 14:35:26 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212284895157911&ret=html&random=1695652527
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP008
x-33x-status: 400000000040080C

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame 3263 343 B
459 B 121ms
47ms Document
text/html 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 162830
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 80c3fe6aec0136b4-YYZ
content-encoding: gzip
content-type: text/html
date: Mon, 25 Sep 2023 14:35:27 GMT
etag: W/"64f8a422-157"
expires: Thu, 28 Sep 2023 14:35:27 GMT
last-modified: Wed, 06 Sep 2023 16:09:06 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

204

5bdedf28-c702-4305-b432-6b58fa366854
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&ts=1695652527695.1
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65119aaf99a1240001c737a8%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65119aaf99a1240001c737a8%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
https://map.go.affec.tv/map/an/4969578643314112863?ch=65119aaf99a1240001c737a8&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/5bdedf28-c702-4305-b432-6b58fa366854?ttd_puid=&gdpr=0&gdpr_consent=

0
562 B

40ms
40ms

Image
text/plain

34.195.127.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/5bdedf28-c702-4305-b432-6b58fa366854?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: H2
Server: 34.195.127.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-127-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:28 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

location: https://map.go.affec.tv/map/ttd/5bdedf28-c702-4305-b432-6b58fa366854?ttd_puid=&gdpr=0&gdpr_consent=
date: Mon, 25 Sep 2023 14:35:28 GMT
server: Kestrel
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&random=1695652527695.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2F...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&random=1695652527695.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites....
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=da78555c-9c14-4784-a656-5cb0c0ab51f0%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=da78555c-9c14-4784-a656-5cb0c0ab51f0%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&ttd_puid=da78555c-9c14-4784-a656-5cb0c0ab51f0%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

129ms
36ms

Image
text/plain

3.221.126.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: H2
Server: 3.221.126.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-126-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-served-by: beacon-n017-ash-prod.krxd.net
date: Mon, 25 Sep 2023 14:35:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1695652528
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Mon, 25 Sep 2023 14:35:28 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a013-ash-prod.krxd.net

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1695652527695.3
https://idsync.rlcdn.com/405716.gif?partner_uid=212284899945725

42 B
449 B

118ms
52ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212284899945725
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: H2
Server: 35.190.60.146 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:27 GMT
referrer-policy: unsafe-url
server: 33XP010
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212284899945725
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&33random=1695652527695.5&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&33random=1695652527695.5&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&bid=1e2n4ou

70 B
440 B

42ms
42ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&bid=1e2n4ou
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 25 Sep 2023 14:35:28 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&bid=1e2n4ou
date: Mon, 25 Sep 2023 14:35:28 GMT
server: Kestrel
content-length: 191

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKR2URmq%2Blu%2FaEFjOpAg%3D%3D&us_privacy=&random=1695652527695.7&pu=https%3A%2F%2Fdl-file.com%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212284895012100&seg_code=33x&random=1695652527
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212284895012100%26seg_code%3D33x%26random%3D1695652527

43 B
841 B

42ms
41ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212284895012100%26seg_code%3D33x%26random%3D1695652527

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

Server

68.67.179.166 , United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:28 GMT
an-x-request-uuid: 130b8d7a-90d3-4809-ac89-24e30a27eb9e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 153.92.40.68; 153.92.40.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:28 GMT
an-x-request-uuid: 6b352981-fcb7-471b-b36a-33f7d0fd8b13
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212284895012100%26seg_code%3D33x%26random%3D1695652527
cache-control: no-store, no-cache, private
x-proxy-origin: 153.92.40.68; 153.92.40.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 423B 2 KB
1 KB 70ms
69ms Document
text/html 23.34.240.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1243.23362&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3025820018257055&stid=ZGsAAmURmq8AAAAIPPU%2FAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.240.168 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-240-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Mon, 25 Sep 2023 14:35:27 GMT
Expires: Mon, 02 Oct 2023 14:35:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 127ms
31ms Script
text/javascript 3.162.174.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-91.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ec27031d965281ee498c59565822e0b8e0210d6420f7d34aa23a259bf7074a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: Yg05UO6NTOeAVh89ijS_gJS9wGU8sF2q
content-encoding: gzip
via: 1.1 3a80fb25cc2fec9952cef3278e496368.cloudfront.net (CloudFront)
date: Mon, 25 Sep 2023 13:56:09 GMT
last-modified: Wed, 19 Jul 2023 15:29:23 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 2359
etag: W/"d94796629c48c2aea8b46d4ba841348d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: toNgXQRscFvQfq_l0YSPG5DbkNidH2mgWYFO7OnyaQn0T55Y2Xj4Sw==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1243.23362/a/CA/ Frame D8C1 20 KB
9 KB 53ms
52ms Script
text/javascript 23.34.240.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1243.23362/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1243.23362&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.240.168 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-240-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

d5c41e631bcc6b4daa6f2bc47b6be005412000890e8531f838e59ff1db7096c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1243.23362&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:27 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9176
Expires: Mon, 02 Oct 2023 14:35:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame 3263 39 KB
12 KB 122ms
41ms Script
text/javascript 18.160.46.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-56.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:50:12 GMT
content-encoding: gzip
via: 1.1 edc440dfdd4dccb638ead805c7f4dbfe.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:51:51 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 24317
etag: W/"b054dbc49b30695b40107158fb25e846"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: SLAe8fCB3ozuMDlkEWZozhwe1tScGl2Lcu7y3Jq5c1Ns3MoHQAFh5w==

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
459 B

36ms
35ms

Fetch
application/json

23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: HTTP/1.1
Server: 23.92.190.69 San Francisco, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 805ae1dddbef865a5ea68fa34e1c07d9be4ebed81e0a7b4dac0db96e262cc138

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://dl-file.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Mon, 25 Sep 2023 14:35:28 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://dl-file.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame BF6A 438 B
675 B 50ms
49ms Script
application/javascript 52.14.172.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1243.23362&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.172.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-172-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

45acba6154a34ff927d71ee8488de7a800511ec7545318b8a06cc7ed9679ad33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame D8C1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&gdpr=0&gdpr_consent=

42 B
297 B

134ms
44ms

Image
image/gif

18.119.153.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&gdpr=0&gdpr_consent=

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Server

18.119.153.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-153-8.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGsAAmURmq8AAAAIPPU/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=472763e1-100a-4e61-ab2f-8cf4f9b3fa06&gdpr=0&gdpr_consent=
date: Mon, 25 Sep 2023 14:35:28 GMT
server: Kestrel
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame D8C1
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=1685f01d76335e00707c59e321e0761e

42 B
297 B

124ms
43ms

Image
image/gif

18.119.153.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=1685f01d76335e00707c59e321e0761e

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Server

18.119.153.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-153-8.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGsAAmURmq8AAAAIPPU/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

date: Mon, 25 Sep 2023 14:35:28 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=1685f01d76335e00707c59e321e0761e
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame D8C1
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2Mw3Vh0KMNgpTgiBUO7e9XmsgY9OVfBDd4-cGbRjWq80&gdpr=0&gdpr_consent=

42 B
297 B

191ms
43ms

Image
image/gif

18.119.153.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2Mw3Vh0KMNgpTgiBUO7e9XmsgY9OVfBDd4-cGbRjWq80&gdpr=0&gdpr_consent=

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Server

18.119.153.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-153-8.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGsAAmURmq8AAAAIPPU/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2Mw3Vh0KMNgpTgiBUO7e9XmsgY9OVfBDd4-cGbRjWq80&gdpr=0&gdpr_consent=
Date: Mon, 25 Sep 2023 14:35:28 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame D8C1
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGsAAmURmq8AAAAIPPU%2FAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3638773100082888710
https://ml314.com/csync.ashx?fp=bba9a111af216133365526993d3dbf7bd546d8caad3c9611e5afc558709564c6f4cb09cee1a4f8eb&person_id=3638773100082888710&eid=50082

43 B
139 B

47ms
46ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=bba9a111af216133365526993d3dbf7bd546d8caad3c9611e5afc558709564c6f4cb09cee1a4f8eb&person_id=3638773100082888710&eid=50082
Requested by: Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html
Protocol: H2
Server: 34.111.234.236 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:27 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Tue, 26 Sep 2023 10:35:28 GMT

Redirect headers

date: Mon, 25 Sep 2023 14:35:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=bba9a111af216133365526993d3dbf7bd546d8caad3c9611e5afc558709564c6f4cb09cee1a4f8eb&person_id=3638773100082888710&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame D8C1
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGsAAmURmq8AAAAIPPU%2FAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

162ms
41ms

Image
image/gif

18.119.153.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: dl-file.com
URL: https://dl-file.com/ulugzj8048bi/a320-livery-KAL_hvI9K.zip.html

Protocol

HTTP/1.1

Server

18.119.153.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-153-8.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGsAAmURmq8AAAAIPPU/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Mon, 25 Sep 2023 14:35:28 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 3263 235 B
614 B 54ms
54ms XHR
application/json 44.196.115.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.115.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-115-10.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1e255f970062f21ed4de05fa8ffc923e5fefb2009738b331d3db01ddba94c091

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.9.215
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame BF6A 51 KB
16 KB 181ms
64ms Script
application/javascript 23.79.38.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.38.113 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-38-113.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 25 Sep 2023 14:35:28 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Mon, 02 Oct 2023 14:35:28 GMT

GET
H2

200

5386 Show response
tags.bluekai.com/site/ Frame 45A3
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGsAAmURmq8AAAAIPPU%2FAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1243.23362%26cid%3Dc010%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=5bdedf28-c702-4305-b432-6b58fa366854&gdpr=0&gdpr_consent=

62 B
305 B

137ms
137ms

Document
image/gif

184.28.136.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/5386?id=5bdedf28-c702-4305-b432-6b58fa366854&gdpr=0&gdpr_consent=
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.136.218 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-136-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Mon, 25 Sep 2023 14:35:28 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

content-length: 221
date: Mon, 25 Sep 2023 14:35:28 GMT
location: https://tags.bluekai.com/site/5386?id=5bdedf28-c702-4305-b432-6b58fa366854&gdpr=0&gdpr_consent=
server: Kestrel

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 1A42 0
0 153ms
73ms Document
text/plain 18.160.213.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=83748
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.213.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-86.ord58.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Mon, 25 Sep 2023 14:35:28 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server: Apache-Coyote/1.1
via: 1.1 62bd0bb5da0f14d62bdae0c2ab5e672e.cloudfront.net (CloudFront)
x-amz-cf-id: 0g45QpuajccemG6Rbbg9SFdXht262l8noy0rm_0v7wL1SU9RdH61mg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
51ms XHR
application/json 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230921&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_fy2021.js?bust=31078048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

7c240bc2e2d205bf5f480b2e59763df1a808eb3d63295d694e6a52e95716a6b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12142
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B539 15 KB
6 KB 110ms
38ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dl-file.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:35:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 331718
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 119ms
39ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_fy2021.js?bust=31078048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 14:35:29 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame B539 425 B
557 B 34ms
34ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=dl-file.com&sn=ChromeSyncframe&so=0&topUrl=dl-file.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dl-file.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

70ab051e2008c1b23502a1941a316d45920669f1b4bc6c8a2b9be25240ca53c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dl-file.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1288070
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0F5 13 KB
5 KB 41ms
36ms Document
text/html 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 255698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Sep 2023 15:33:51 GMT
expires: Sat, 21 Sep 2024 15:33:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 09A2 829 B
945 B 65ms
63ms Document
text/html 142.251.163.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f104.1e100.net

Software

GSE /

Resource Hash

5d3c681f13c408b4908f8b0f8782389412a089a67ad72e9decbc6b408cecafb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FZncjxRrveOzD1_Ev5v5nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FZncjxRrveOzD1_Ev5v5nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 14:35:29 GMT
expires: Mon, 25 Sep 2023 14:35:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

362358.gif
idsync.rlcdn.com/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HYXLbSZHWfsF_dv5T_2OAYny&rnd=43608
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HYXLbSZHWfsF_dv5T_2OAYny&rnd=43608&_li_chk=true&previous_uuid=98558c3afeae49f18a68a6921a13b57d
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=98558c3a-feae-49f1-8a68-a6921a13b57d
https://p.rfihub.com/cm?pub=39342&in=1&userid=d69c4317-221d-4208-a49c-2775d710cf4f%3A1695652529.513091&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd69c4317-221d-4208-a49c-2775d710...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477418822114677&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd69c4317-221d-4208-a49...
https://idsync.rlcdn.com/501709.gif?partner_uid=d69c4317-221d-4208-a49c-2775d710cf4f%3A1695652529.513091&_=1695652529.5160954
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB00I51zppM81EY4gnYbaH0&google_cver=1

42 B
60 B

44ms
44ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB00I51zppM81EY4gnYbaH0&google_cver=1
Protocol: H3
Server: 35.190.60.146 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:29 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB00I51zppM81EY4gnYbaH0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame C0F5 37 KB
14 KB 38ms
37ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 18:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 18:47:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 09A2 0
0 52ms
51ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230921&jk=1032056716125227&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C0F5 0
10 B 38ms
37ms Image
text/plain 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8TU8Pw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HYXLbSZHWfsF_dv5T_2OAYny&rand=182&pu=
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HYXLbSZHWfsF_dv5T_2OAYny&rand=182&pu=&expected_cookie=32415d3b-7acc-4999-94c9-91b0d2c286ef

0
361 B

118ms
118ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HYXLbSZHWfsF_dv5T_2OAYny&rand=182&pu=&expected_cookie=32415d3b-7acc-4999-94c9-91b0d2c286ef
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:35:30 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6DC98817BAB441DB8C5D533D7CE6DAF4 Ref B: YTO01EDGE0814 Ref C: 2023-09-25T14:35:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGL964Z4AAVYPVXBI4Rg==

Redirect headers

date: Mon, 25 Sep 2023 14:35:29 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5DA2054BF3FD4DF286362C140744D8D8 Ref B: YTO01EDGE0814 Ref C: 2023-09-25T14:35:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=15697&puuid=HYXLbSZHWfsF_dv5T_2OAYny&rand=182&pu=&expected_cookie=32415d3b-7acc-4999-94c9-91b0d2c286ef
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGL961t0jSUOCWbFgK4w==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230921&jk=1032056716125227&bg=!XV6lXhHNAAYrDsWMCw47ADQBe5WfOLQLu0AUuzudC7HsvRz8gkoa5ZGUZdLHLAk3hxmXeE6FVR9NM8PbXbC0BwC00C2gAgAAAJZSAAAADWgBBwoAUCkd60XC3a8Zw_y-0hzrB3pQSl9R1Zmd8Av23DkW7FheYeepfexjemlxOOfqgRFwXraGKKb-poIuObE4d2OF74fyB6tuZRJnt6u0hNjh5atVmQKxrEEL-4ZodXh-86PavLG1ySpiDolGBmVx7n4qrw6Bk30K0541p3Q8aer0rz4RdHsM1OOFfq-WI7Na9iB2AHpO-mCaFT0ExFhhoU6HUfpZM27jB4iVlw-q5-9VqfwpKEj0gHlCfqKfviOtd1KjS9CqrsaXYdAoYiBryt2cnBP8L3N28V21gQejFR7hTur4hADUbWjQ-oMScer9l14x1W9MuqZWrAiQjQLyQWdmwtKsohEoFDaAEqFAZ0e0Y8til6oTM1NsXYCHJKFHq5-Pe38KTKuNSJziikDclph-4UYHXRc7NLKaWGgGMDAWffciZEPEsx8HyQ8-6cFlRd5y893SkX_pv7nB2WsinKLGdqqpNL3BF5YRhd9dGMA5NLA7jTvs3JhboJEx4OeN7bgR5bNf4TgKz_KraOm_Ub3aF_Jub3IS3bmXJ8Q2gJ1Y6CpmEO_Yils8KL0_b1XvMUOcSwjRy_ocFQo863qS66zRhDsPgj3wXPwkItGboQ5VhHKQSMK1L8lvjbEYyn-pmsqobFWKD2yU9glH5zF_ff7H0cfgOISHzX99UtXSg9y3eBUHNDZelpDlAhqqdE6ZLydATOqg617Qf8419xY1fCtgnDzYhIeKXJyXRA42_8KSCsEPNsghFtRW-PZOBgfPix_PlRs5D2u_Vnc9RfxoA_iq-TK6E6VXEH-HiGT1xlhNJwQ4Imx2SKpUrKx72Piw_ilyJdcTqOECNKZye3Y7P5r-fcaZDV5TCIGQLKqWXHAEqg11ZLaI9fJzWI19Kg0XrU-mrhjp5aorD9sCXWEl0it98uS_b0NVeoZ_7OLL8b4Jh1_EyT4AkogOYY7kqCTxIX_OWku-dICHDdORzANMOXA87rS4wAu3yAWlZfwHZwuf3goNQ-934FKuCY6qmVzaQ3UrK1Pw7dw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=64777
https://ce.lijit.com/merge?pid=2&3pid=18FBFBDF83B247A285E15F1F0A21777F

43 B
679 B

119ms
40ms

Image
image/gif

23.92.190.68
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=18FBFBDF83B247A285E15F1F0A21777F
Protocol: HTTP/1.1
Server: 23.92.190.68 San Francisco, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 14:35:30 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Mon, 25 Sep 2023 14:35:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=18FBFBDF83B247A285E15F1F0A21777F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Sep 2023 14:35:30 GMT

GET
H/1.1

200
OK

35759
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HYXLbSZHWfsF_dv5T_2OAYny&rnd=13351
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5bdedf28-c702-4305-b432-6b58fa366854
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5bdedf28-c702-4305-b432-6b58fa366854

43 B
274 B

181ms
42ms

Image
image/gif

34.231.79.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5bdedf28-c702-4305-b432-6b58fa366854

Protocol

HTTP/1.1

Server

34.231.79.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-79-111.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:30 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=5bdedf28-c702-4305-b432-6b58fa366854
Date: Mon, 25 Sep 2023 14:35:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 901D 85 B
462 B 30ms
30ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://dl-file.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 460220
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Wed, 20 Sep 2023 06:45:11 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 31ab6a69a955ba22ff90036cd9977e74.cloudfront.net (CloudFront)
x-amz-cf-id: Hr8014-2YxCSmgod56T0sFelUtz_AEIrURVo6tpTSX6o_yo4-_UGHg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 901D 766 B
1 KB 31ms
30ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Wed, 20 Sep 2023 09:11:17 GMT
via: 1.1 31ab6a69a955ba22ff90036cd9977e74.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 451454
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: KTY6v-8xGXc0D-ccvjLKkTSUw7w3HbicL1j6v_3wo-3WtN3kCT2Dhw==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame D8C1 0
289 B 51ms
47ms Image
text/plain 23.34.240.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGsAAmURmq8AAAAIPPU%252FAw%253D%253D&tt=t.dhj&dhjLcy=1695652527752&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1243.23362&ell=d&cck=__stid&dmn=dl-file.com&pn=%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&qs=na&rdn=dl-file.com&rpn=%2Fulugzj8048bi%2Fa320-livery-KAL_hvI9K.zip.html&rqs=na&cc=CA&cont=NA&evid=W-DxMrYAPwBPAtxu1HLW&urls=!1!346!b-13j,!1!357!b-13h,!1!327!b-14s,!1!0!b-14t,!1!213!b-150,!1!300!b-16f&rnd=1695652531056&cid=c010&version=1.1243.23362&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=92

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.240.168 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-240-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1243.23362&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 14:35:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Mon, 25 Sep 2023 14:35:31 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HYXLbSZHWfsF_dv5T_2OAYny/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=56c41f5fb1157be5170fdc38b144af8f

43 B
999 B

38ms
37ms

Image
image/gif

23.92.190.68
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=56c41f5fb1157be5170fdc38b144af8f
Protocol: HTTP/1.1
Server: 23.92.190.68 San Francisco, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 14:35:31 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=56c41f5fb1157be5170fdc38b144af8f
cache-control: no-cache
x-server: 10.40.13.142
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 763 B
1 KB 46ms
45ms Script
application/javascript 52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: febf998eb69c109a046b367fdce34ba10ed3b65b6d8f574a61b79a808a63f2dd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Mon, 25 Sep 2023 14:35:31 GMT
Content-Length: 763
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnQ3ZUl2Rmtyb2lpMXZVaExFblpSZko5ZEZxUG5lRW9ZT1pyTUlLclBtNXM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMYxXcFXscuf23fvOyWrsEM&google_cver=1

70 B
440 B

77ms
43ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMYxXcFXscuf23fvOyWrsEM&google_cver=1
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 25 Sep 2023 14:35:31 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEMYxXcFXscuf23fvOyWrsEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Mnxg221E2pXEEcwu6HjnY4VkvX7FVAFpTws-~A

70 B
440 B

43ms
43ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Mnxg221E2pXEEcwu6HjnY4VkvX7FVAFpTws-~A
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 25 Sep 2023 14:35:32 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Mnxg221E2pXEEcwu6HjnY4VkvX7FVAFpTws-~A
date: Mon, 25 Sep 2023 14:35:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZRGaswATBuqqTABY
https://ps.eyeota.net/match?uid=ZRGaswATBuqqTABY&bid=0rijhbu&referrer_pid=51md42u&_test=ZRGaswATBuqqTABY

70 B
440 B

42ms
41ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZRGaswATBuqqTABY&bid=0rijhbu&referrer_pid=51md42u&_test=ZRGaswATBuqqTABY
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 25 Sep 2023 14:35:31 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-yyz4556-YYZ
pragma: no-cache
date: Mon, 25 Sep 2023 14:35:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1695652532.918547,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZRGaswATBuqqTABY&bid=0rijhbu&referrer_pid=51md42u&_test=ZRGaswATBuqqTABY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=3644295593021688621&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

42ms
41ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3644295593021688621&bid=2cr76e1&referrer_pid=51md42u
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 25 Sep 2023 14:35:31 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:31 GMT
an-x-request-uuid: c30eef52-5268-47f4-8714-9563f47efe4d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=3644295593021688621&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 153.92.40.68; 153.92.40.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

2981
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/29535?limit=1&id=2CbQ9jHandd3BPnTRrP89zPrQbaB6ZTn3tuSYjWtgLBc
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=TmkrcHZvZ2E5OTlQQUhhaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOh4F6Nk5T6qEqWjnZXM-sI&google_cver=1

62 B
305 B

202ms
201ms

Image
image/gif

184.28.136.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOh4F6Nk5T6qEqWjnZXM-sI&google_cver=1
Protocol: H2
Server: 184.28.136.218 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-136-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 25 Sep 2023 14:35:32 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 14:35:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOh4F6Nk5T6qEqWjnZXM-sI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 9 KB
4 KB 34ms
34ms Script
text/javascript 23.92.190.69
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.69 San Francisco, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://dl-file.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 14:35:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 16:20:24 GMT
Server: nginx
ETag: W/"64c7df48-22bf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ewr1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 25 Sep 2023 15:35:32 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 15:44:04	Name: _li_ss Value: ChoKBgiiARCNFgoFCAoQjRYKCQj_____BxCXFg
.dl-file.com/	1969-12-31 23:59:59	Name: lang Value: english
.dl-file.com/	1970-01-21 00:36:52	Name: _ga_2EDRBREJ1G Value: GS1.1.1695652526.1.0.1695652526.0.0.0
.dl-file.com/	1970-01-21 00:36:52	Name: _ga Value: GA1.1.424573188.1695652526
dl-file.com/	1970-01-20 15:02:18	Name: _gvst Value: 2
dl-file.com/	1970-01-20 23:46:28	Name: HstCfa4533243 Value: 1695652526623
dl-file.com/	1970-01-20 23:46:28	Name: HstCla4533243 Value: 1695652526623
dl-file.com/	1970-01-20 23:46:28	Name: HstCmu4533243 Value: 1695652526623
dl-file.com/	1970-01-20 23:46:28	Name: HstPn4533243 Value: 1
dl-file.com/	1970-01-20 23:46:28	Name: HstPt4533243 Value: 1
dl-file.com/	1970-01-20 23:46:28	Name: HstCnv4533243 Value: 1
dl-file.com/	1970-01-20 23:46:28	Name: HstCns4533243 Value: 1
.dl-file.com/	1970-01-21 00:22:28	Name: __gads Value: ID=e3e22e91d7a586a2-2273c2b71ce400f1:T=1695652527:RT=1695652527:S=ALNI_MbrhIH0DTjIP3MMagzUBAdAFi5Log
.dl-file.com/	1970-01-21 00:22:28	Name: __gpi Value: UID=00000d94f7f0d574:T=1695652527:RT=1695652527:S=ALNI_MahaJjwVY23It8bo2uXcuhZnye1_g
.dtscout.com/	1970-01-20 15:00:57	Name: m Value: 1
.dtscout.com/	1970-01-20 15:00:56	Name: st Value: 1
.dtscout.com/	1970-01-20 15:01:06	Name: oa Value: 1
.dtscout.com/	1970-01-20 17:24:52	Name: df Value: 1695652527
.dtscout.com/	1970-01-20 17:09:02	Name: l Value: 4C301695652527AD153D25EFC0054B8E
.dl-file.com/	1970-01-20 17:06:09	Name: __dtsu Value: 4C301695652527AD153D25EFC0054B8E
.onaudience.com/	1970-01-20 23:46:28	Name: cookie Value: ea5981ccd6afc414
.onaudience.com/	1970-01-20 15:02:18	Name: done_redirects161 Value: 1
.sharethis.com/	1970-01-20 23:47:54	Name: __stid Value: ZGsAAmURmq8AAAAIPPU/Aw==
.sharethis.com/	1970-01-20 23:47:54	Name: __stidv Value: 2
.dtscdn.com/	1970-01-20 19:18:38	Name: uid Value: 4C301695652527AD153D25EFC0054B8E
.tynt.com/	1970-01-20 23:46:28	Name: uid Value: CoIKR2URmq+lu/aEFjOpAg==
.crwdcntrl.net/	1970-01-20 21:29:38	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 21:29:38	Name: _cc_id Value: 56c41f5fb1157be5170fdc38b144af8f
.tynt.com/	1970-01-20 17:10:28	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1695652527695%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1695652527695%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1695652527695%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1695652527695%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A1%2C%22ts%22%3A1695652527695%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1695652527695%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1695652527695%7D%5D
.onaudience.com/	1970-01-20 15:02:18	Name: done_redirects104 Value: 1
.tapad.com/	1970-01-20 16:27:16	Name: TapAd_TS Value: 1695652527834
.tapad.com/	1970-01-20 16:27:16	Name: TapAd_DID Value: da78555c-9c14-4784-a656-5cb0c0ab51f0
.33across.com/	1970-01-20 23:46:28	Name: 33x_ps Value: u%3D212284895012100%3As1%3D1695652527894%3Ats%3D1695652527894
.go.affec.tv/	1970-01-20 23:46:28	Name: ck Value: 65119aaf99a1240001c737a7
.go.affec.tv/	1970-01-20 23:46:28	Name: oo Value: 1
.eyeota.net/	1970-01-20 23:47:54	Name: mako_uid Value: 18accc43f44-4bdd0000010a4965
.eyeota.net/	1970-01-20 15:00:53	Name: SERVERID Value: 18789~DM
.onaudience.com/	1970-01-20 15:02:18	Name: done_redirects282 Value: 1
.t.sharethis.com/	1970-01-20 15:21:02	Name: pxcelPage_default_c010_C Value: 1_0_1695652528052
.lijit.com/	1970-01-20 23:46:28	Name: ljt_reader Value: HYXLbSZHWfsF_dv5T_2OAYny
.bluekai.com/	1970-01-20 19:20:04	Name: bkdc Value: phx
.adnxs.com/	1970-01-20 17:10:28	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In1@V7+X!@wnf-Te9(>wL5L!!'gM$t6PD
.adnxs.com/	1970-01-20 17:10:28	Name: uuid2 Value: 3644295593021688621
.ml314.com/	1970-01-20 23:47:54	Name: pi Value: 3638773100082888710
.exelator.com/	1970-01-20 17:53:40	Name: EE Value: "1685f01d76335e00707c59e321e0761e"
.bluekai.com/	1970-01-20 19:22:57	Name: bku Value: wXT99nYSWVPp/c13
.exelator.com/	1970-01-20 17:53:40	Name: ud Value: "eJxrXxzq6XKLQcHQzMI0zcAwxdzM2Ng01cDA3MA82dQy1djIMNXA3MwwdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQfEl%252BUWb6ImfHxUUpaQyLSopPBR9NSwIATEopLA%253D%253D"
.adsrvr.org/	1970-01-20 23:47:54	Name: TDID Value: 5bdedf28-c702-4305-b432-6b58fa366854
.tapad.com/	1970-01-20 16:27:16	Name: TapAd_3WAY_SYNCS Value: 1!6446
.go.affec.tv/	1970-01-20 23:46:28	Name: pt Value: eyJhbiI6eyJkdCI6MTY5NTY1MjUyOCwiaWQiOiI0OTY5NTc4NjQzMzE0MTEyODYzIiwibHMiOjE2OTU2NTI1Mjh9LCJ0dCI6eyJkdCI6MTY5NTY1MjUyNywiaWQiOiJDb0lLUjJVUm1xK2x1L2FFRmpPcEFnPT0iLCJscyI6MTY5NTY1MjUyN30sInRkIjp7ImR0IjoxNjk1NjUyNTI4LCJpZCI6IjViZGVkZjI4LWM3MDItNDMwNS1iNDMyLTZiNThmYTM2Njg1NCIsImxzIjoxNjk1NjUyNTI4fSwidiI6MH0=\|1695652528\|933a3a6e69a148b2c1ef1ff9b1a2ac095d458504
.krxd.net/	1970-01-20 19:20:04	Name: _kuid_ Value: P0TsL2Av
.intentiq.com/	1970-01-21 00:36:52	Name: IQver Value: 1.9
.criteo.com/	1970-01-21 00:22:28	Name: uid Value: eb96cf39-5ec9-460c-a3fb-30a39be5a7af
.dl-file.com/	1970-01-21 00:22:28	Name: cto_bundle Value: zkVtpF9vRjZqUUpvZzZWQWFBTktQMnpKc3FtTWFRVXZveWxmV2FLY25HS2x4eXN1b2RacnE5cFNKT0g3VndoSlBWbndVJTJCbiUyRjRwSkN2VEIydEdGSnVkUUxHM2RmdzM3enR1NHRZaVpzN0JTJTJCZzU2MSUyRnRGWVFtRDZ6R1RQOFFpdDFvOXlkcHp0JTJCSUhUeTljTVBETGFOc0FRdE5nJTNEJTNE
.liadm.com/	1970-01-21 00:36:52	Name: lidid Value: 98558c3a-feae-49f1-8a68-a6921a13b57d
.rezync.com/	1970-01-21 00:22:28	Name: zync-uuid Value: d69c4317-221d-4208-a49c-2775d710cf4f:1695652529.513091
.rfihub.com/	1970-01-21 00:22:28	Name: eud Value: H4sIAAAAAAAA_13IuQ2AMAwAwAmoMoeRf8dsg2xlIEpKJqVEory7hrdnqVAAMzUo44RTs4AjrIOwlq6DPM2NjXM3Eky6x_ady3x-fgFZc-ZdWQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3MDE3NzG0sDAyMjQ0MTM3F-Iz1M0uz8stjUpPMXAMTAcAATor-iQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXB2xGAMAgEwB_bweEuPMRuHJgUksrdPVdMVNtCCokRoz7yWbUw0yehvW2_iPJwOut2LC38KSny3TkAAAA
.rfihub.com/	1970-01-21 00:22:28	Name: rud Value: H4sIAAAAAAAA_-MSsjS3MDE3NzG0sDAyMjQ0MTM3F-Iz1M0uz8stjUpPMXAMTAcAATor-iQAAAA
live.rezync.com/	1970-01-21 00:22:28	Name: sd-session-id Value: .eJwNylEKwyAMANC75LsOk0ZjvEwpakG2ulG7n5XefX4-eBcsn3LsayvthHge3zJBetWhDvGCXn97eUIElcAijCEQIbIXgXuCXnqv77bUPEr2mnhGMWNkw2SDWVmTIRGXBW3aeIvo1XlHjvThcLaKcP8BVwwktg.ZRGasQ.Jj85uRI0KL7Y3JSiiANwhBV4t_o
.rlcdn.com/	1970-01-20 23:46:28	Name: rlas3 Value: bXh9hKHGf34rq8a0QLsvE+CeKdl9bm4u7cvCfvh9yNI=
.rlcdn.com/	1970-01-20 16:27:16	Name: pxrc Value: CLC1xqgGEgUI204QABIGCLrqARAB
.doubleclick.net/	1970-01-21 00:36:52	Name: IDE Value: AHWqTUksIMhxtwMFhjYUN7O0mlvrJQF47h0rgGgl2gWfoHzD7WjeYiPIjWwUYFFFt_8
.linkedin.com/	1970-01-20 17:10:28	Name: li_sugr Value: 32415d3b-7acc-4999-94c9-91b0d2c286ef
.linkedin.com/	1970-01-20 23:46:28	Name: bcookie Value: "v=2&d3ee35f8-dd78-4db0-823e-743e78961278"
.linkedin.com/	1970-01-20 15:02:18	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2742:u=1:x=1:i=1695652530:t=1695738930:v=2:sig=AQHuqdQyB850P63Rnonsn4lrf_BicFRt"
.simpli.fi/	1970-01-20 23:47:54	Name: suid Value: 18FBFBDF83B247A285E15F1F0A21777F
.lijit.com/	1970-01-20 23:46:28	Name: _ljtrtb_2 Value: 18FBFBDF83B247A285E15F1F0A21777F
.adsrvr.org/	1970-01-20 23:47:54	Name: TDCPM Value: CAESFgoHYmx1ZWthaRILCPyC36XW9548EAUSGQoKbGl2ZWludGVudBILCOiqg7nW9548EAUYASABKAIyCwi0oYbm7PeePBAFOAFaCmxpdmVpbnRlbnRgAg..
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 55
.lijit.com/	1970-01-20 23:46:28	Name: ljtrtb Value: eJyrVjJSslIytHBzcnNycbMwdjIyMXc0sjB1NTR1M3QzcDQyNDc3d1OqBQC8CglB
.lijit.com/	1970-01-20 23:46:28	Name: _ljtrtb_5001 Value: 56c41f5fb1157be5170fdc38b144af8f
.everesttech.net/	1970-01-20 23:46:28	Name: everest_g_v2 Value: g_surferid~ZRGaswATBuqqTABY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn-tc.33across.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
data-beacons.s-onetag.com
de.tynt.com
dl-file.com
dp1.33across.com
dp2.33across.com
e.dtscout.com
get.s-onetag.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
live.rezync.com
loada.exelator.com
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pd.sharethis.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.ads.linkedin.com
s10.histats.com
s4.histats.com
secure.adnxs.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.18.11.207
104.20.8.31
104.26.13.60
13.107.42.14
13.226.22.38
141.101.120.10
142.250.31.156
142.250.31.97
142.251.16.132
142.251.163.104
144.217.183.17
149.56.240.130
151.101.194.49
172.253.122.156
172.253.122.94
172.253.63.154
172.64.152.89
172.64.153.173
18.119.153.8
18.160.213.86
18.160.46.56
18.172.122.72
184.28.136.218
199.38.167.130
216.239.32.178
23.34.240.168
23.79.38.113
23.92.190.68
23.92.190.69
3.162.163.118
3.162.174.91
3.221.126.30
3.229.72.50
34.111.113.62
34.111.234.236
34.195.127.221
34.200.65.202
34.231.224.57
34.231.79.111
35.190.60.146
35.194.66.159
44.196.115.10
51.222.80.231
52.14.172.225
52.223.40.198
52.26.6.186
52.55.144.0
67.202.105.24
67.202.105.33
67.202.105.34
68.67.179.166
74.119.119.131
74.119.119.139
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dc85e8d96476fa7448692437236b7eb858d849cbf7bc33e7e57160ba568b53d
0ec27031d965281ee498c59565822e0b8e0210d6420f7d34aa23a259bf7074a6
12d9d71d8c07e3b32e6922a03a1d0c0183f6dee780a3229305f3b0f3c4aea4b4
146d2dc96679cdc0df28f85af6ce57482c623ecda3d6da12f28454c7f3923af2
15d166e96884a81a6c55d45716ef88176facffd6fba41a21b6e252e37d45498b
163aab8fdd4b7cfa854101763984a802120bf13a82d6f841c33ee9cd201f28c4
1e255f970062f21ed4de05fa8ffc923e5fefb2009738b331d3db01ddba94c091
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba
38eba31327475bf6d3b177561a8a2a5cadfa16ed7efab885684acafdb0bd0bfe
3b92fd57682bb7613f88077272e0020c5f2cdf808b7e6f39e6d5ef765a1d5717
45acba6154a34ff927d71ee8488de7a800511ec7545318b8a06cc7ed9679ad33
4acf4136b03b7954122a580eae0f47a316d9c7100dfbd764ef23b4bcdbfce6f1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
52c89db36003d59eb4a40b5ad13802a2142b40be5795ad22ab7d25556d8741e3
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d3c681f13c408b4908f8b0f8782389412a089a67ad72e9decbc6b408cecafb2
603e832fc5416073e2d35c4623266a5fd57920a49478887ae4a59a18fdb85810
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f09cbf786cfb81a414decdb994e380f80a1c083680941dd1e4fd1d2677d3943
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
70ab051e2008c1b23502a1941a316d45920669f1b4bc6c8a2b9be25240ca53c7
798adb8860b3dc412e2d789d153f1824e085eef370e05b7531e192a433c06cd4
79ea0fcaad1578acda495df0617d5b4f46de11c0b2dab44f6d20609935385e6c
7b748cce237953136fb0e45af806e1d89388aee1c24d9f1ef89a732399a6c2e2
7c240bc2e2d205bf5f480b2e59763df1a808eb3d63295d694e6a52e95716a6b3
7fce30ca9221e63e6e7c572a694eadf0c4787b2f35c281cf51eace3092d8a331
805ae1dddbef865a5ea68fa34e1c07d9be4ebed81e0a7b4dac0db96e262cc138
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8ca90a14908b64935e793005b3406a715e34e9eb451f74b579867261808783c2
8d472a50dfcb89a4a563cc9a1d9a5660f64f80bf9e79a4d66de415c039679d21
94024b15f0a587f637a2303205ae361518e1965d6beb190c005e04307783bf19
97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5
99aee4d2e442888ad0f1b13eb2ec3c226a35ed0343e700b2fa922d513eb46d0f
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9be599d6cefdb3787be094191b685a027f52e6bf4ef49d04a50310e7b023c0a6
9d78c0148361a3fcb690e899c0dd3885c79797359301f6829e98ae476b800460
a4fd29aeff5c2151c3e4a2d0edc28885ffd0675a6d3a59e3ca229944e3490c0e
a6c748745997e83f17b90756869af2a20cf156acf538f1681a8f93a26edaa94c
acb0d630aa81f623804df8e31c447a03ae395e9fa0caaa5d17d9426c6d61777d
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
bbc3841dc445ea9ccd02261e20bea29d12b241142128e158bc2b5eade5d3eaa8
be326949abc9e1734176bd141d4aaf94b65365a6946bea5972137fbec42ed021
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d12fd1d8afb1c2d8cb9d59868336a6c9e357af548f36aa41bcdb12fa19158365
d5c41e631bcc6b4daa6f2bc47b6be005412000890e8531f838e59ff1db7096c2
d97f3efe68f835117863e4d76fec93f4309fd3c9070b3eee59400d7f145517d2
db30111a2cf8a9fc4e869ed222e37bead5291b5572cb0ab149ed4798c3596459
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e22a0f3f0c63f4f9e2be0b362a40706b6504d08e370a2769b8293ddbb203b3dc
e26142148dc2365533532cc901d730ee02f79bfffb9da86b20873911281c180f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49007d3a8ce3615a7088592e53718d07a2bb6d39bff06e56f0024be966993d4
e76f2c32ecd923b05ca6b92d18ebdd280a0d761c2dd5a386d327ba747c5b4ba1
e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35496fd6bbcccc685cb1d442d840b1feaa6591685c9c048fead34265e0814e2
f640aa1cc8d8ded3ff14ed90e980f3cf3c7578c6ce8aa6b7b657893e9f54a118
f6bf6d1af4e1926e10a1f8b61a1d0a658a48e7ffe323b13ef50d57438e6f24b7
febf998eb69c109a046b367fdce34ba10ed3b65b6d8f574a61b79a808a63f2dd

dl-file.com Open in urlscan Pro 144.217.183.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

77 %HTTPS

0 %IPv6

40 Domains

61 Subdomains

41 IPs

4 Countries

2478 kBTransfer

3628 kBSize

76 Cookies

19 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dl-file.com Open in urlscan Pro
144.217.183.17 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

77 %
HTTPS

0 %
IPv6

40
Domains

61
Subdomains

41
IPs

4
Countries

2478 kB
Transfer

3628 kB
Size

76
Cookies

102 HTTP transactions
0 data transactions